byteboy
Members-
Posts
16 -
Joined
-
Last visited
Reputation
0 Neutral-
Hello, if this is in the wrong place please move it. Right now I run Malwarebytes and Microsoft Security Essentials. Is this the best free antivirus to use with Malwarebytes? Are there any other programs I should be running in addition to an antivirus? Is there something better than Security Essentials? Also, which is the best browser to use for safety, reliability, and even speed? I usually cycle between Chrome and Firefox but what about Internet Explorer? The only add-on toolbar I use is Adblock Plus. Thanks for the help.
-
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014 Ran by walmart at 2014-04-10 06:59:41 Running from C:\Users\walmart\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}) (Version: 11.5.8.612 - Adobe Systems, Inc) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blio (HKLM-x32\...\{AEDA8713-5521-4600-9AC2-81674A9EDC4F}) (Version: 2.2.7689 - K-NFB Reading Technology, Inc.) Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Business-in-a-Box (HKLM-x32\...\Business-in-a-Box) (Version: 6.0.2 - Biztree Inc.) Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.2.1.3726 - CyberLink Corp.) CyberLink YouCam (x32 Version: 3.2.1.3726 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden HP CloudDrive (HKLM-x32\...\ZumoDrive) (Version: - Zecter Inc.) HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP Documentation (HKLM-x32\...\{212A6F92-4871-4BD9-8E4F-F876595DE899}) (Version: 1.1.0.0 - Hewlett-Packard) HP Game Console (x32 Version: - WildTangent) Hidden HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent) HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard) HP MovieStore (x32 Version: 1.0.045 - Hewlett-Packard) Hidden HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company) HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company) HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{3B37422F-1A58-4138-AB02-0DD9035C02C6}) (Version: 8.6.4516.3597 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13155.3599 - Hewlett-Packard Company) HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP Wireless Assistant (HKLM\...\{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}) (Version: 4.0.10.0 - Hewlett-Packard Company) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation) Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden OverDrive Media Console (HKLM-x32\...\{D07205E7-F6D3-4333-AFCC-782A07685B72}) (Version: 3.2.20 - OverDrive, Inc.) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.) Recovery Manager (x32 Version: 1.0.22 - Hewlett-Packard) Hidden RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow) Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated) Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Restore Points ========================= 09-04-2014 10:26:10 Windows Update 09-04-2014 11:39:20 Installed iTunes 09-04-2014 11:48:54 Removed iTunes 09-04-2014 12:01:17 Removed Apple Application Support 09-04-2014 12:48:14 Removed Apple Software Update 09-04-2014 12:49:48 Removed Apple Mobile Device Support 09-04-2014 12:51:21 Removed Bonjour 09-04-2014 12:53:10 Removed Adblock Plus for IE (32-bit and 64-bit) 09-04-2014 12:54:30 Adblock Plus for IE 09-04-2014 13:27:29 Windows Update 09-04-2014 13:52:53 Windows Update 10-04-2014 06:49:56 Installed iTunes 10-04-2014 07:31:57 Removed iTunes 10-04-2014 07:34:45 Removed Apple Application Support 10-04-2014 07:38:21 Removed Apple Software Update 10-04-2014 07:39:22 Removed Apple Mobile Device Support 10-04-2014 07:40:16 Removed Bonjour ==================== Hosts content: ========================== 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {09F45ECB-415B-4D39-BCB2-0A7ECF0D47C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {146CE913-73E7-46C5-989A-98692C609DE9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-31] (Adobe Systems Incorporated) Task: {2A1E5ECB-9D15-4FBB-BEAF-3B242CDD3CBD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.) Task: {3406380E-B823-4286-B14E-9404A48E6574} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company) Task: {3E997865-1687-41C9-BBFC-E3E9AA6FF1FE} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-12-08] () Task: {3FCE58DA-9B6D-4BAE-8798-351F28C8034B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {448DAF13-A07A-4DE6-8C62-4414F3C7D006} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {913686CD-D599-43F9-B90E-F89ACF4DDF95} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {97B3CEB7-4986-40FF-ABA3-2FC9FEF75FCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.) Task: {A989ABB6-D74E-40DC-BBD8-1D3637A06612} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe Task: {B1EFBB00-9A6A-4906-BC6D-FDFA050E9750} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1412740911-2687528589-1650569461-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {C77247DF-F33C-4E49-9917-F08D5D718507} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1412740911-2687528589-1650569461-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {CA752EF7-0F25-4C9D-A608-4A1156F0AB56} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-02-09] (CyberLink) Task: {DAC954F1-A9E3-4311-B889-EE907A5BB72C} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe Task: {DE57885C-53ED-4F9A-B0FC-9F269709DCA4} - System32\Tasks\GoogleUpdateTaskMachineCore1ce56353e9f9dbe => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.) Task: {E14528C7-E4AB-4DA3-BF44-835FF7F1155B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard) Task: {E21D688A-A2F4-4951-B57D-FD78D5E75EF2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-03-25] (Microsoft) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce56353e9f9dbe.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-31 21:24 - 2014-03-27 15:47 - 02744624 _____ () C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe 2010-07-21 16:33 - 2010-07-21 16:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll 2010-07-21 16:33 - 2010-07-21 16:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll 2010-07-21 16:33 - 2010-07-21 16:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll 2014-04-01 09:41 - 2014-04-01 09:41 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\367540c92c2004ff2c6695778fed5dd6\IsdiInterop.ni.dll 2012-01-09 18:09 - 2011-05-20 10:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll 2014-03-31 12:10 - 2014-03-14 19:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll 2014-03-31 12:10 - 2014-03-14 19:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll 2014-03-31 12:10 - 2014-03-14 19:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll 2014-03-31 12:10 - 2014-03-14 19:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll 2014-03-31 12:10 - 2014-03-14 19:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll 2014-03-31 12:10 - 2014-03-14 19:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:15734396 AlternateDataStreams: C:\ProgramData\Temp:C22674B6 AlternateDataStreams: C:\ProgramData\Temp:F2B81C2E AlternateDataStreams: C:\ProgramData\Temp:FAFEC4B9 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\18618406.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\18618406.sys => ""="Driver" ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/10/2014 02:37:55 AM) (Source: Microsoft-Windows-RestartManager) (User: HP2000) Description: Application or service 'Apple Mobile Device' could not be restarted. Error: (04/09/2014 08:37:50 AM) (Source: Application Hang) (User: ) Description: The program wusa.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 11b8 Start Time: 01cf53f720efe0e1 Termination Time: 10 Application Path: C:\Windows\SysWOW64\wusa.exe Report Id: Error: (04/09/2014 07:47:57 AM) (Source: Microsoft-Windows-RestartManager) (User: HP2000) Description: Application or service 'Apple Mobile Device' could not be restarted. Error: (04/09/2014 05:20:21 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/09/2014 04:59:47 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/07/2014 09:55:46 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/07/2014 07:24:22 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 11:51:26 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 05:31:41 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 07:33:03 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (04/10/2014 02:37:55 AM) (Source: Service Control Manager) (User: ) Description: The Apple Mobile Device service failed to start due to the following error: %%1053 Error: (04/10/2014 02:37:55 AM) (Source: Service Control Manager) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect. Error: (04/09/2014 08:53:47 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070050: Hotfix for Windows (KB947821). Error: (04/09/2014 07:47:57 AM) (Source: Service Control Manager) (User: ) Description: The Apple Mobile Device service failed to start due to the following error: %%1053 Error: (04/09/2014 07:47:57 AM) (Source: Service Control Manager) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect. Error: (04/09/2014 05:09:03 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Update for Windows 7 for x64-based Systems (KB2830477). Error: (04/09/2014 04:58:20 AM) (Source: BugCheck) (User: ) Description: 0x0000001e (0xffffffffc0000005, 0xfffff80002f8c01a, 0x0000000000000001, 0x0000000000000018)C:\Windows\MEMORY.DMP040914-27674-01 Error: (04/09/2014 04:58:14 AM) (Source: EventLog) (User: ) Description: The previous system shutdown at 4:57:03 AM on 4/9/2014 was unexpected. Error: (04/08/2014 10:16:57 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. Error: (04/08/2014 03:20:25 PM) (Source: Service Control Manager) (User: ) Description: The Multimedia Class Scheduler service failed to start due to the following error: %%776 Microsoft Office Sessions: ========================= Error: (04/10/2014 02:37:55 AM) (Source: Microsoft-Windows-RestartManager)(User: HP2000) Description: 0AppleMobileDeviceService.exeApple Mobile Device03026217863080 Error: (04/09/2014 08:37:50 AM) (Source: Application Hang)(User: ) Description: wusa.exe6.1.7601.1751411b801cf53f720efe0e110C:\Windows\SysWOW64\wusa.exe Error: (04/09/2014 07:47:57 AM) (Source: Microsoft-Windows-RestartManager)(User: HP2000) Description: 0AppleMobileDeviceService.exeApple Mobile Device03026217851480 Error: (04/09/2014 05:20:21 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/09/2014 04:59:47 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/07/2014 09:55:46 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/07/2014 07:24:22 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 11:51:26 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 05:31:41 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 07:33:03 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-04-09 04:05:57.538 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-08 22:59:06.272 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-08 21:22:25.906 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-08 21:04:10.989 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-08 18:22:21.536 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-08 15:20:22.794 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-08 14:04:31.933 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-08 13:54:20.749 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-08 12:17:50.055 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-08 12:10:34.452 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 51% Total physical RAM: 3001.89 MB Available physical RAM: 1444.38 MB Total Pagefile: 6001.96 MB Available Pagefile: 3546.84 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:284.21 GB) (Free:230.17 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:13.58 GB) (Free:1.69 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 7B0CBEB5) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=284 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=103 MB) - (Type=0C) ==================== End Of Log ============================ -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
2014-03-31 19:40 - 2014-03-31 19:45 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\AccurateRip 2014-03-31 19:40 - 2014-03-31 19:40 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\EAC 2014-03-31 19:39 - 2014-03-31 19:39 - 04422611 _____ () C:\Users\walmart\Downloads\eac-1.0beta3.exe 2014-03-31 18:16 - 2014-03-31 18:16 - 00000000 ____D () C:\Users\walmart\AppData\Local\Macromedia 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Mozilla 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Users\walmart\AppData\Local\Mozilla 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\ProgramData\Mozilla 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-31 17:48 - 2014-03-31 17:48 - 00282880 _____ (Mozilla) C:\Users\walmart\Downloads\Firefox Setup Stub 28.0.exe 2014-03-31 15:58 - 2014-02-06 20:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-31 15:58 - 2014-01-28 21:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-31 15:58 - 2014-01-28 21:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-31 15:58 - 2014-01-27 21:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-31 15:58 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-03-31 15:58 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-03-31 15:58 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-03-31 15:58 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-03-31 15:58 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-03-31 15:58 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-03-31 15:57 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-03-31 15:57 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-03-31 15:57 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-03-31 15:57 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-03-31 15:57 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-03-31 15:57 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-03-31 15:57 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-03-31 15:57 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-03-31 15:57 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-03-31 15:57 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-03-31 15:57 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-03-31 15:57 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-03-31 15:57 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-03-31 15:57 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-03-31 15:57 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-03-31 15:57 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-03-31 15:57 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-03-31 15:57 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-03-31 15:57 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-03-31 15:57 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-03-31 15:57 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-03-31 15:57 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-03-31 15:57 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-03-31 15:57 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-03-31 15:55 - 2014-02-03 21:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-31 15:55 - 2014-02-03 21:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-31 15:54 - 2014-02-03 21:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-31 15:54 - 2014-02-03 21:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-14 13:46 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-03-14 13:46 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2014-03-14 13:46 - 2013-07-09 00:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-03-14 13:46 - 2013-07-08 23:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-03-14 13:46 - 2013-07-04 07:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2014-03-14 13:46 - 2013-07-04 06:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2014-03-14 13:45 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-03-14 13:45 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-03-14 13:45 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-03-14 13:45 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-03-14 13:45 - 2013-07-09 00:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-03-14 13:45 - 2013-07-09 00:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2014-03-14 13:45 - 2013-07-08 23:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2014-03-14 13:45 - 2013-07-08 23:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2014-03-14 13:44 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-03-14 13:44 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2014-03-14 13:43 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-03-14 13:43 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-03-14 13:43 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-03-14 13:43 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2014-03-14 13:43 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2014-03-14 13:43 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-03-14 13:43 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2014-03-14 13:43 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-03-14 13:43 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-03-14 13:43 - 2013-08-04 21:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2014-03-14 13:43 - 2013-06-06 00:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2014-03-14 13:43 - 2013-06-06 00:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2014-03-14 13:43 - 2013-06-06 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2014-03-14 13:43 - 2013-06-06 00:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2014-03-14 13:43 - 2013-06-05 23:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2014-03-14 13:43 - 2013-06-05 23:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2014-03-14 13:43 - 2013-06-05 23:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2014-03-14 13:43 - 2013-06-05 22:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2014-03-14 13:43 - 2013-06-05 22:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2014-03-14 13:43 - 2013-06-05 22:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2014-03-14 13:38 - 2013-11-26 20:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-03-14 13:38 - 2013-11-26 20:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-03-14 13:38 - 2013-11-26 20:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-03-14 13:38 - 2013-11-26 20:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-03-14 13:38 - 2013-11-26 20:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-03-14 13:38 - 2013-11-26 20:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-03-14 13:38 - 2013-11-26 20:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-03-14 13:38 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-03-14 13:38 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-03-14 13:38 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-03-14 13:38 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-03-14 13:38 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-03-14 13:38 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-03-14 13:38 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-03-14 13:38 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-03-14 13:38 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-03-14 13:38 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-03-14 13:38 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-03-14 13:38 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-03-14 13:38 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-03-14 13:38 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-03-14 13:38 - 2013-04-25 18:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2014-03-14 13:38 - 2013-03-31 17:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-03-14 13:36 - 2013-08-01 21:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-03-14 13:36 - 2013-08-01 21:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-03-14 13:36 - 2013-08-01 19:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-03-14 13:36 - 2013-08-01 19:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 19:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 19:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 19:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2014-03-14 13:36 - 2013-07-25 04:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2014-03-14 13:36 - 2013-07-25 03:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2014-03-14 13:35 - 2013-07-09 00:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-03-14 13:35 - 2013-07-08 23:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-03-14 13:35 - 2013-06-25 17:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2014-03-14 13:34 - 2013-09-07 21:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-03-14 13:34 - 2013-09-07 21:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2014-03-14 13:34 - 2013-07-12 05:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2014-03-14 13:34 - 2013-07-12 05:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2014-03-14 13:34 - 2013-07-04 07:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-03-14 13:34 - 2013-07-04 07:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-03-14 13:34 - 2013-07-04 06:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-03-14 13:34 - 2013-07-04 06:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2014-03-14 13:34 - 2013-07-04 05:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2014-03-14 13:34 - 2013-07-02 23:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2014-03-14 13:34 - 2013-07-02 23:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2014-03-14 13:34 - 2013-06-14 23:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-03-14 13:27 - 2013-08-28 21:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-03-14 13:27 - 2013-08-28 21:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-03-14 13:27 - 2013-08-28 21:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-03-14 13:27 - 2013-08-28 21:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-03-14 13:27 - 2013-08-28 20:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-03-14 13:27 - 2013-08-28 20:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-03-14 13:27 - 2013-08-28 20:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-03-14 13:27 - 2013-08-28 20:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2014-03-14 13:27 - 2013-08-28 20:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2014-03-14 13:26 - 2013-11-26 06:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-03-14 13:26 - 2013-09-07 21:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-03-14 13:25 - 2013-07-25 21:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-03-14 13:25 - 2013-07-25 21:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2014-03-14 13:25 - 2013-07-25 20:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-03-14 13:25 - 2013-07-25 20:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2014-03-14 13:24 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-03-14 13:24 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-03-14 13:24 - 2013-04-26 00:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-03-14 13:24 - 2013-04-25 23:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2014-03-14 13:19 - 2013-05-10 00:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-03-14 13:19 - 2013-05-09 22:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2014-03-14 12:45 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2014-03-14 12:45 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-03-14 12:42 - 2013-07-20 05:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-03-14 12:42 - 2013-07-20 05:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-03-14 12:42 - 2013-05-13 00:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2014-03-14 12:42 - 2013-05-12 22:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2014-03-14 12:42 - 2013-05-12 22:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2014-03-14 12:42 - 2013-05-12 22:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2014-03-14 12:00 - 2014-03-14 12:00 - 00000000 __RHD () C:\MSOCache 2014-03-14 11:56 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-03-14 11:56 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-03-14 11:56 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2014-03-14 11:56 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2014-03-14 11:56 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-03-14 11:56 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-03-14 11:56 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2014-03-14 11:56 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2014-03-14 11:56 - 2013-08-01 07:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-03-13 20:17 - 2014-03-13 20:17 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Vast Studios 2014-03-11 22:11 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2014-03-11 22:11 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-03-11 22:11 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-03-11 22:11 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-03-11 22:11 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-03-11 22:11 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-03-11 11:32 - 2014-03-11 11:32 - 00000000 ____D () C:\ProgramData\BigFishGamesCache 2014-03-11 09:52 - 2014-03-11 09:52 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys ==================== One Month Modified Files and Folders ======= 2014-04-10 06:58 - 2014-04-07 19:27 - 00016861 _____ () C:\Users\walmart\Downloads\FRST.txt 2014-04-10 06:58 - 2014-04-07 19:27 - 00000000 ____D () C:\FRST 2014-04-10 06:57 - 2014-04-10 06:57 - 02157056 _____ (Farbar) C:\Users\walmart\Downloads\FRST64 (1).exe 2014-04-10 06:32 - 2014-04-06 07:40 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-10 06:29 - 2012-05-01 19:46 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-10 06:16 - 2012-07-29 09:45 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-10 06:06 - 2012-01-09 18:06 - 01367236 _____ () C:\Windows\WindowsUpdate.log 2014-04-10 04:26 - 2014-04-07 03:57 - 00000728 _____ () C:\Windows\setupact.log 2014-04-10 03:16 - 2013-05-21 10:09 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce56353e9f9dbe.job 2014-04-10 02:37 - 2014-04-09 06:38 - 00000000 ____D () C:\ProgramData\Apple 2014-04-10 02:34 - 2014-04-10 01:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-04-10 02:26 - 2014-04-10 02:26 - 00000000 __SHD () C:\Users\walmart\AppData\Local\EmieUserList 2014-04-10 02:26 - 2014-04-10 02:26 - 00000000 __SHD () C:\Users\walmart\AppData\Local\EmieSiteList 2014-04-09 13:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache 2014-04-09 08:54 - 2014-04-09 08:54 - 00347816 _____ (Microsoft Corporation) C:\Users\walmart\Downloads\MicrosoftFixit.wu.RNP.147320475117239000.4.1.Run.exe 2014-04-09 08:40 - 2014-04-09 08:40 - 00280204 _____ () C:\Users\walmart\Downloads\WindowsUpdateDiagnostic.diagcab 2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Windows\CheckSur 2014-04-09 06:45 - 2014-04-09 06:42 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Apple Computer 2014-04-09 06:42 - 2014-04-09 06:42 - 00000000 ____D () C:\Users\walmart\AppData\Local\Apple Computer 2014-04-09 06:41 - 2014-04-09 06:41 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-04-09 06:39 - 2014-04-09 06:39 - 00000000 ____D () C:\Users\walmart\AppData\Local\Apple 2014-04-09 06:35 - 2014-04-09 06:34 - 148885840 _____ (Apple Inc.) C:\Users\walmart\Downloads\iTunes64Setup.exe 2014-04-09 05:38 - 2014-04-09 05:38 - 00001945 _____ () C:\Windows\epplauncher.mif 2014-04-09 05:38 - 2014-04-09 05:38 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-04-09 05:38 - 2014-04-09 05:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-04-09 05:38 - 2014-04-09 05:38 - 00000000 ____D () C:\27658e796fd2d30cacd94bd8eb30c727 2014-04-09 05:37 - 2014-04-09 05:37 - 13829304 _____ (Microsoft Corporation) C:\Users\walmart\Downloads\mseinstall.exe 2014-04-09 05:28 - 2014-02-19 00:59 - 00776014 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-04-09 05:28 - 2009-07-14 00:13 - 00776014 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-09 05:25 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-09 05:25 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-09 05:19 - 2014-04-09 04:57 - 00430632 _____ () C:\Windows\PFRO.log 2014-04-09 05:19 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-09 05:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-09 05:05 - 2014-04-01 03:17 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-09 05:04 - 2012-02-26 19:58 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-09 04:58 - 2014-04-09 04:58 - 00281528 _____ () C:\Windows\Minidump\040914-27674-01.dmp 2014-04-09 04:58 - 2014-04-07 21:54 - 602608414 _____ () C:\Windows\MEMORY.DMP 2014-04-09 04:58 - 2014-04-02 02:58 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-04-09 04:58 - 2012-05-14 11:50 - 00000000 ____D () C:\Windows\Minidump 2014-04-09 04:22 - 2014-04-08 21:16 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-04-09 03:16 - 2014-04-09 03:16 - 04118841 _____ () C:\Users\walmart\Downloads\tdsskiller.zip 2014-04-09 03:16 - 2014-04-07 15:40 - 04139872 _____ (Kaspersky Lab ZAO) C:\Users\walmart\Desktop\TDSSKiller.exe 2014-04-09 03:15 - 2014-04-09 03:15 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\walmart\Downloads\tdsskiller(2).exe 2014-04-08 21:13 - 2014-04-08 21:13 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\walmart\Downloads\tdsskiller.exe 2014-04-08 12:47 - 2014-04-08 12:46 - 00000000 ____D () C:\Users\walmart\AppData\Local\{8B10739E-2B48-4FA7-BEC3-50FA080AF5C4} 2014-04-08 12:46 - 2012-06-25 18:20 - 00000000 ____D () C:\Users\walmart\AppData\Local\Windows Live 2014-04-07 23:02 - 2012-01-24 18:23 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{47EB58B7-2A92-44B6-AF61-DCD90F7092D8} 2014-04-07 21:54 - 2014-04-07 21:54 - 00277456 _____ () C:\Windows\Minidump\040714-20046-01.dmp 2014-04-07 19:29 - 2014-04-07 19:28 - 00031079 _____ () C:\Users\walmart\Downloads\Addition.txt 2014-04-07 19:26 - 2014-04-07 19:26 - 02157056 _____ (Farbar) C:\Users\walmart\Downloads\FRST64.exe 2014-04-07 03:57 - 2014-04-07 03:57 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-07 03:54 - 2014-04-07 03:54 - 00108138 _____ () C:\Users\walmart\Desktop\cc_20140407_035406.reg 2014-04-07 03:52 - 2012-03-18 15:12 - 00000000 ____D () C:\Users\walmart\AppData\Local\CrashDumps 2014-04-07 03:52 - 2012-02-24 13:21 - 00000000 ___DC () C:\Users\walmart\AppData\Local\MigWiz 2014-04-07 03:52 - 2007-01-01 20:25 - 00000000 ____D () C:\Windows\Panther 2014-04-07 03:46 - 2014-04-07 03:46 - 04787368 _____ (Piriform Ltd) C:\Users\walmart\Downloads\ccsetup412.exe 2014-04-07 03:45 - 2014-04-06 03:24 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\vlc 2014-04-06 08:19 - 2014-04-01 03:04 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\uTorrent 2014-04-06 07:40 - 2014-04-06 07:40 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-06 07:40 - 2014-04-06 07:40 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-06 07:40 - 2014-04-06 07:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-04-06 07:39 - 2014-04-06 07:39 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\walmart\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-06 03:23 - 2014-04-06 03:23 - 01671248 _____ (BitTorrent Inc.) C:\Users\walmart\Downloads\uTorrent(1).exe 2014-04-06 03:23 - 2014-04-06 03:23 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-04-06 03:23 - 2014-04-01 03:12 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-04-06 03:01 - 2014-04-06 03:00 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2014-04-06 03:00 - 2014-04-06 03:00 - 00000000 ____D () C:\Program Files\Realtek 2014-04-06 02:58 - 2012-01-09 18:16 - 00015302 _____ () C:\Windows\system32\results.xml 2014-04-06 02:58 - 2011-04-09 16:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-04-06 02:53 - 2011-02-10 14:23 - 00000000 ____D () C:\SWSetup 2014-04-06 02:50 - 2012-01-09 18:12 - 00000000 ____D () C:\Windows\SysWOW64\sda 2014-04-06 02:50 - 2012-01-09 18:07 - 00000000 ____D () C:\Program Files (x86)\Realtek 2014-04-06 02:36 - 2014-04-06 02:36 - 00000000 ____D () C:\Users\walmart\AppData\Local\SlimWare Utilities Inc 2014-04-06 02:36 - 2014-04-06 02:36 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-04-06 02:35 - 2014-04-06 02:35 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\walmart\Downloads\slimdrivers-setup.exe 2014-04-04 20:44 - 2014-04-04 20:44 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-04 20:43 - 2014-04-04 20:44 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-04 20:43 - 2014-04-04 20:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-04 20:43 - 2014-04-04 20:43 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-04 20:43 - 2014-04-04 20:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-04 20:43 - 2014-04-04 20:43 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-04 20:41 - 2014-04-04 20:41 - 00921000 _____ (Oracle Corporation) C:\Users\walmart\Downloads\jxpiinstall.exe 2014-04-03 09:51 - 2014-04-06 07:40 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-04-06 07:40 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-06 07:40 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-03 08:49 - 2012-03-22 11:23 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-04-03 08:49 - 2012-02-24 10:30 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2014-04-02 02:58 - 2014-04-02 02:58 - 88551496 _____ (AVAST Software) C:\Users\walmart\Downloads\avast_free_antivirus_setup.exe 2014-04-01 10:26 - 2014-03-07 14:35 - 00000000 ____D () C:\ProgramData\VirtualizedApplications 2014-04-01 10:26 - 2014-02-19 00:59 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\SoftGrid Client 2014-04-01 09:48 - 2014-04-01 09:48 - 00000000 ____D () C:\Users\walmart\AppData\Local\{1DE0C16B-21B7-4980-8CE4-C25E3E1A87F2} 2014-04-01 08:18 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-04-01 08:17 - 2012-01-24 18:22 - 00001417 _____ () C:\Users\walmart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-01 08:17 - 2012-01-24 18:22 - 00000000 ___RD () C:\Users\walmart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-01 08:17 - 2012-01-24 18:22 - 00000000 ___RD () C:\Users\walmart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-04-01 08:15 - 2013-03-13 19:52 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-04-01 08:15 - 2013-03-13 19:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-04-01 08:15 - 2009-07-13 23:45 - 00277464 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-01 08:11 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender 2014-04-01 08:11 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-04-01 06:47 - 2014-02-19 00:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client 2014-04-01 03:54 - 2014-04-01 03:54 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-04-01 03:54 - 2014-04-01 03:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-04-01 03:54 - 2014-04-01 03:54 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-04-01 03:54 - 2014-04-01 03:54 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-04-01 03:54 - 2014-04-01 03:54 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-04-01 03:54 - 2014-04-01 03:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-04-01 03:54 - 2014-04-01 03:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-04-01 03:36 - 2014-04-01 03:36 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Roxio Log Files 2014-04-01 03:11 - 2014-04-01 03:11 - 24677393 _____ () C:\Users\walmart\Downloads\vlc-2.1.3-win32.exe 2014-04-01 03:11 - 2014-02-04 20:58 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1ce56353e9f9dbe 2014-04-01 03:11 - 2012-07-29 09:45 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-04-01 03:03 - 2014-04-01 03:03 - 01671248 _____ (BitTorrent Inc.) C:\Users\walmart\Downloads\uTorrent.exe 2014-03-31 21:24 - 2014-03-31 21:24 - 00530736 _____ (Biztree Inc.) C:\Users\walmart\Downloads\Business-in-a-Box_Setup.exe 2014-03-31 21:24 - 2014-03-31 21:24 - 00530736 _____ (Biztree Inc.) C:\Users\walmart\Downloads\Business-in-a-Box_Setup (1).exe 2014-03-31 21:24 - 2014-03-31 21:24 - 00001133 _____ () C:\Users\Public\Desktop\Business-in-a-Box.lnk 2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\Users\walmart\Documents\Business-in-a-Box Files 2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\ProgramData\Biztree 2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\Program Files (x86)\Business-in-a-Box 2014-03-31 21:14 - 2014-03-31 21:14 - 00096256 _____ () C:\Users\walmart\Downloads\quote-template.xls 2014-03-31 19:45 - 2014-03-31 19:40 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\AccurateRip 2014-03-31 19:40 - 2014-03-31 19:40 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\EAC 2014-03-31 19:39 - 2014-03-31 19:39 - 04422611 _____ () C:\Users\walmart\Downloads\eac-1.0beta3.exe 2014-03-31 18:16 - 2014-03-31 18:16 - 00000000 ____D () C:\Users\walmart\AppData\Local\Macromedia 2014-03-31 18:16 - 2012-05-01 19:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-31 18:16 - 2012-05-01 19:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-31 18:16 - 2012-05-01 19:46 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-31 17:49 - 2014-04-08 21:26 - 00001163 _____ () C:\Users\walmart\Desktop\Mozilla Firefox.lnk 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Mozilla 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Users\walmart\AppData\Local\Mozilla 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\ProgramData\Mozilla 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-31 17:49 - 2012-12-24 16:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-31 17:48 - 2014-03-31 17:48 - 00282880 _____ (Mozilla) C:\Users\walmart\Downloads\Firefox Setup Stub 28.0.exe 2014-03-31 12:10 - 2013-04-19 13:09 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-03-14 12:00 - 2014-03-14 12:00 - 00000000 __RHD () C:\MSOCache 2014-03-13 20:17 - 2014-03-13 20:17 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Vast Studios 2014-03-11 22:12 - 2014-03-10 14:55 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Big Fish Games 2014-03-11 11:32 - 2014-03-11 11:32 - 00000000 ____D () C:\ProgramData\BigFishGamesCache 2014-03-11 09:52 - 2014-03-11 09:52 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys Some content of TEMP: ==================== C:\Users\walmart\AppData\Local\Temp\{3D4A31B3-846C-4889-AD87-8BC0F0637BEF}.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-09 03:52 ==================== End Of Log ============================ -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 28 days old and could be outdated)Ran by walmart (administrator) on HP2000 on 10-04-2014 06:58:10Running from C:\Users\walmart\DownloadsWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version:Download link for 64-Bit Version:Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe() C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Farbar) C:\Users\walmart\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7541976 1999-12-31] (Realtek Semiconductor)HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-1412740911-2687528589-1650569461-1000\...\Run: [bIBLauncher] - C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe [2744624 2014-03-27] ()HKU\S-1-5-21-1412740911-2687528589-1650569461-1000\...\MountPoints2: F - F:\LaunchU3.exe -aHKU\S-1-5-21-1412740911-2687528589-1650569461-1000\...\MountPoints2: {8fcbc2c5-5efa-11e1-9c3c-74de2bc78cb5} - F:\LaunchU3.exe -aHKU\S-1-5-21-1412740911-2687528589-1650569461-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\Users\walmart\AppData\Local\Temp\seftxwf\sxeetuk\wow64.dll ATTENTION! ====> ZeroAccess? ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDFSearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDFSearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDFSearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDFSearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = SearchScopes: HKCU - {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No FileBHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileTcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 FireFox:========FF ProfilePath: C:\Users\walmart\AppData\Roaming\Mozilla\Firefox\Profiles\9h4utasv.defaultFF Homepage: google.comFF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)FF Plugin-x32: @ei.TelevisionFanatic.com/Plugin - C:\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll (TelevisionFanatic)FF Plugin-x32: @ei.TotalRecipeSearch_14.com/Plugin - C:\Program Files (x86)\TotalRecipeSearch_14EI\Installr\1.bin\NP14EISB.dll (TotalRecipeSearch)FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Extension: Adblock Plus - C:\Users\walmart\AppData\Roaming\Mozilla\Firefox\Profiles\9h4utasv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-31] Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No FileCHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No FileCHR Plugin: (Java Platform SE 6 U39) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No FileCHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll No FileCHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll No FileCHR Plugin: (TelevisionFanatic Installer Plugin Stub) - C:\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll (TelevisionFanatic)CHR Plugin: (TotalRecipeSearch Installer Plugin Stub) - C:\Program Files (x86)\TotalRecipeSearch_14EI\Installr\1.bin\NP14EISB.dll (TotalRecipeSearch)CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No FileCHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No FileCHR Plugin: (RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No FileCHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No FileCHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)CHR Plugin: (Java Deployment Toolkit 6.0.390.4) - C:\Windows\SysWOW64\npdeployJava1.dll No FileCHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No FileCHR Extension: (Google Docs) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-19]CHR Extension: (Google Drive) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-19]CHR Extension: (YouTube) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-19]CHR Extension: (Adblock Plus) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-17]CHR Extension: (Google Search) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-19]CHR Extension: (Google Wallet) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31]CHR Extension: (Gmail) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-19] ==================== Services (Whitelisted) ================= R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 1999-12-31] (Realtek Semiconductor) ==================== Drivers (Whitelisted) ==================== R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [88280 2014-04-03] (Malwarebytes Corporation)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-10] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-10 06:57 - 2014-04-10 06:57 - 02157056 _____ (Farbar) C:\Users\walmart\Downloads\FRST64 (1).exe2014-04-10 02:26 - 2014-04-10 02:26 - 00000000 __SHD () C:\Users\walmart\AppData\Local\EmieUserList2014-04-10 02:26 - 2014-04-10 02:26 - 00000000 __SHD () C:\Users\walmart\AppData\Local\EmieSiteList2014-04-10 01:51 - 2014-04-10 02:34 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-04-09 08:54 - 2014-04-09 08:54 - 00347816 _____ (Microsoft Corporation) C:\Users\walmart\Downloads\MicrosoftFixit.wu.RNP.147320475117239000.4.1.Run.exe2014-04-09 08:40 - 2014-04-09 08:40 - 00280204 _____ () C:\Users\walmart\Downloads\WindowsUpdateDiagnostic.diagcab2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Windows\CheckSur2014-04-09 06:42 - 2014-04-09 06:45 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Apple Computer2014-04-09 06:42 - 2014-04-09 06:42 - 00000000 ____D () C:\Users\walmart\AppData\Local\Apple Computer2014-04-09 06:41 - 2014-04-09 06:41 - 00000000 ____D () C:\ProgramData\Apple Computer2014-04-09 06:39 - 2014-04-09 06:39 - 00000000 ____D () C:\Users\walmart\AppData\Local\Apple2014-04-09 06:38 - 2014-04-10 02:37 - 00000000 ____D () C:\ProgramData\Apple2014-04-09 06:34 - 2014-04-09 06:35 - 148885840 _____ (Apple Inc.) C:\Users\walmart\Downloads\iTunes64Setup.exe2014-04-09 05:38 - 2014-04-09 05:38 - 00001945 _____ () C:\Windows\epplauncher.mif2014-04-09 05:38 - 2014-04-09 05:38 - 00000000 ____D () C:\Program Files\Microsoft Security Client2014-04-09 05:38 - 2014-04-09 05:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client2014-04-09 05:38 - 2014-04-09 05:38 - 00000000 ____D () C:\27658e796fd2d30cacd94bd8eb30c7272014-04-09 05:37 - 2014-04-09 05:37 - 13829304 _____ (Microsoft Corporation) C:\Users\walmart\Downloads\mseinstall.exe2014-04-09 05:26 - 2014-01-08 21:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2014-04-09 05:26 - 2014-01-03 17:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2014-04-09 05:08 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys2014-04-09 05:08 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe2014-04-09 05:08 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll2014-04-09 05:08 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll2014-04-09 05:08 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll2014-04-09 05:08 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll2014-04-09 05:08 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll2014-04-09 05:08 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll2014-04-09 05:08 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll2014-04-09 05:08 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll2014-04-09 05:08 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe2014-04-09 05:08 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe2014-04-09 05:08 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll2014-04-09 05:08 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe2014-04-09 05:08 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll2014-04-09 05:08 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe2014-04-09 05:07 - 2014-03-06 05:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-04-09 05:07 - 2014-03-06 04:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-04-09 05:07 - 2014-03-06 04:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-04-09 05:07 - 2014-03-06 03:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-04-09 05:07 - 2014-03-06 03:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-04-09 05:07 - 2014-03-06 03:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-04-09 05:07 - 2014-03-06 03:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-04-09 05:07 - 2014-03-06 03:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-04-09 05:07 - 2014-03-06 03:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-04-09 05:07 - 2014-03-06 03:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-04-09 05:07 - 2014-03-06 03:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-04-09 05:07 - 2014-03-06 03:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-04-09 05:07 - 2014-03-06 03:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-04-09 05:07 - 2014-03-06 03:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-04-09 05:07 - 2014-03-06 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-04-09 05:07 - 2014-03-06 02:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-04-09 05:07 - 2014-03-06 02:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-04-09 05:07 - 2014-03-06 02:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-04-09 05:07 - 2014-03-06 02:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-04-09 05:07 - 2014-03-06 02:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-04-09 05:07 - 2014-03-06 02:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-04-09 05:07 - 2014-03-06 02:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-04-09 05:07 - 2014-03-06 02:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-04-09 05:07 - 2014-03-06 02:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-04-09 05:07 - 2014-03-06 02:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-04-09 05:07 - 2014-03-06 02:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-04-09 05:07 - 2014-03-06 02:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-04-09 05:07 - 2014-03-06 01:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-04-09 05:06 - 2014-03-06 04:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-04-09 05:06 - 2014-03-06 03:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-04-09 05:06 - 2014-03-06 03:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-04-09 05:06 - 2014-03-06 03:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-04-09 05:06 - 2014-03-06 03:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-04-09 05:06 - 2014-03-06 03:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-04-09 05:06 - 2014-03-06 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-04-09 05:06 - 2014-03-06 02:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-04-09 05:06 - 2014-03-06 02:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-04-09 05:06 - 2014-03-06 02:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-04-09 05:06 - 2014-03-06 02:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-04-09 05:06 - 2014-03-06 01:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-04-09 05:06 - 2014-03-06 01:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-04-09 05:06 - 2014-03-06 01:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-04-09 05:06 - 2014-03-06 01:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-04-09 05:06 - 2014-03-06 00:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-04-09 05:06 - 2014-03-06 00:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-04-09 05:06 - 2014-03-06 00:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-04-09 05:06 - 2014-03-06 00:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-04-09 05:06 - 2014-03-06 00:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-04-09 05:06 - 2012-08-23 09:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll2014-04-09 05:06 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys2014-04-09 05:06 - 2012-08-23 09:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys2014-04-09 05:06 - 2012-08-23 08:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll2014-04-09 05:06 - 2012-08-23 06:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll2014-04-09 05:06 - 2012-08-23 05:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll2014-04-09 05:06 - 2012-08-23 04:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2014-04-09 04:58 - 2014-04-09 04:58 - 00281528 _____ () C:\Windows\Minidump\040914-27674-01.dmp2014-04-09 04:57 - 2014-04-09 05:19 - 00430632 _____ () C:\Windows\PFRO.log2014-04-09 04:56 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys2014-04-09 04:56 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys2014-04-09 04:56 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys2014-04-09 04:56 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll2014-04-09 04:56 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll2014-04-09 04:56 - 2012-05-04 06:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll2014-04-09 04:56 - 2012-05-04 04:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll2014-04-09 04:55 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2014-04-09 04:55 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2014-04-09 04:55 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2014-04-09 04:55 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2014-04-09 04:55 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2014-04-09 04:55 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2014-04-09 04:55 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2014-04-09 04:55 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2014-04-09 04:55 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys2014-04-09 04:54 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2014-04-09 04:54 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2014-04-09 04:54 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2014-04-09 03:16 - 2014-04-09 03:16 - 04118841 _____ () C:\Users\walmart\Downloads\tdsskiller.zip2014-04-09 03:15 - 2014-04-09 03:15 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\walmart\Downloads\tdsskiller(2).exe2014-04-08 21:26 - 2014-03-31 17:49 - 00001163 _____ () C:\Users\walmart\Desktop\Mozilla Firefox.lnk2014-04-08 21:16 - 2014-04-09 04:22 - 00000000 ____D () C:\TDSSKiller_Quarantine2014-04-08 21:13 - 2014-04-08 21:13 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\walmart\Downloads\tdsskiller.exe2014-04-08 12:46 - 2014-04-08 12:47 - 00000000 ____D () C:\Users\walmart\AppData\Local\{8B10739E-2B48-4FA7-BEC3-50FA080AF5C4}2014-04-07 21:54 - 2014-04-09 04:58 - 602608414 _____ () C:\Windows\MEMORY.DMP2014-04-07 21:54 - 2014-04-07 21:54 - 00277456 _____ () C:\Windows\Minidump\040714-20046-01.dmp2014-04-07 19:28 - 2014-04-07 19:29 - 00031079 _____ () C:\Users\walmart\Downloads\Addition.txt2014-04-07 19:27 - 2014-04-10 06:58 - 00016861 _____ () C:\Users\walmart\Downloads\FRST.txt2014-04-07 19:27 - 2014-04-10 06:58 - 00000000 ____D () C:\FRST2014-04-07 19:26 - 2014-04-07 19:26 - 02157056 _____ (Farbar) C:\Users\walmart\Downloads\FRST64.exe2014-04-07 15:40 - 2014-04-09 03:16 - 04139872 _____ (Kaspersky Lab ZAO) C:\Users\walmart\Desktop\TDSSKiller.exe2014-04-07 03:57 - 2014-04-10 04:26 - 00000728 _____ () C:\Windows\setupact.log2014-04-07 03:57 - 2014-04-07 03:57 - 00000000 _____ () C:\Windows\setuperr.log2014-04-07 03:54 - 2014-04-07 03:54 - 00108138 _____ () C:\Users\walmart\Desktop\cc_20140407_035406.reg2014-04-07 03:46 - 2014-04-07 03:46 - 04787368 _____ (Piriform Ltd) C:\Users\walmart\Downloads\ccsetup412.exe2014-04-06 07:40 - 2014-04-10 06:32 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-04-06 07:40 - 2014-04-06 07:40 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-04-06 07:40 - 2014-04-06 07:40 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-04-06 07:40 - 2014-04-06 07:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-04-06 07:40 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-04-06 07:40 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-04-06 07:40 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-04-06 07:39 - 2014-04-06 07:39 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\walmart\Downloads\mbam-setup-2.0.1.1004.exe2014-04-06 03:24 - 2014-04-07 03:45 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\vlc2014-04-06 03:23 - 2014-04-06 03:23 - 01671248 _____ (BitTorrent Inc.) C:\Users\walmart\Downloads\uTorrent(1).exe2014-04-06 03:23 - 2014-04-06 03:23 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk2014-04-06 03:00 - 2014-04-06 03:01 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM2014-04-06 03:00 - 2014-04-06 03:00 - 00000000 ____D () C:\Program Files\Realtek2014-04-06 03:00 - 1999-12-31 19:00 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat2014-04-06 03:00 - 1999-12-31 19:00 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys2014-04-06 03:00 - 1999-12-31 19:00 - 02825432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll2014-04-06 03:00 - 1999-12-31 19:00 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll2014-04-06 03:00 - 1999-12-31 19:00 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl2014-04-06 03:00 - 1999-12-31 19:00 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll2014-04-06 03:00 - 1999-12-31 19:00 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll2014-04-06 03:00 - 1999-12-31 19:00 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll2014-04-06 03:00 - 1999-12-31 19:00 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT2014-04-06 03:00 - 1999-12-31 19:00 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll2014-04-06 03:00 - 1999-12-31 19:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll2014-04-06 03:00 - 1999-12-31 19:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll2014-04-06 02:58 - 1999-12-31 19:00 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll2014-04-06 02:58 - 1999-12-31 19:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll2014-04-06 02:58 - 1999-12-31 19:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll2014-04-06 02:50 - 1999-12-31 19:00 - 09888912 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsPStorIcon.dll2014-04-06 02:50 - 1999-12-31 19:00 - 00339600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys2014-04-06 02:41 - 2013-11-26 15:49 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys2014-04-06 02:41 - 2013-11-26 15:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll2014-04-06 02:37 - 1999-12-31 19:00 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll2014-04-06 02:37 - 1999-12-31 19:00 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll2014-04-06 02:37 - 1999-12-31 19:00 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys2014-04-06 02:37 - 1999-12-31 19:00 - 04722176 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll2014-04-06 02:37 - 1999-12-31 19:00 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe2014-04-06 02:37 - 1999-12-31 19:00 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe2014-04-06 02:37 - 1999-12-31 19:00 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe2014-04-06 02:37 - 1999-12-31 19:00 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe2014-04-06 02:37 - 1999-12-31 19:00 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe2014-04-06 02:37 - 1999-12-31 19:00 - 00208896 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00206336 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00188416 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe2014-04-06 02:37 - 1999-12-31 19:00 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe2014-04-06 02:37 - 1999-12-31 19:00 - 00147456 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl2014-04-06 02:37 - 1999-12-31 19:00 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources2014-04-06 02:37 - 1999-12-31 19:00 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc2014-04-06 02:37 - 1999-12-31 19:00 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll2014-04-06 02:37 - 1999-12-31 19:00 - 00005448 _____ () C:\Windows\system32\iglhxs64.vp2014-04-06 02:37 - 1999-12-31 19:00 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll2014-04-06 02:36 - 2014-04-06 02:36 - 00000000 ____D () C:\Users\walmart\AppData\Local\SlimWare Utilities Inc2014-04-06 02:36 - 2014-04-06 02:36 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers2014-04-06 02:35 - 2014-04-06 02:35 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\walmart\Downloads\slimdrivers-setup.exe2014-04-04 20:44 - 2014-04-04 20:44 - 00000000 ____D () C:\ProgramData\Oracle2014-04-04 20:44 - 2014-04-04 20:43 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2014-04-04 20:43 - 2014-04-04 20:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2014-04-04 20:43 - 2014-04-04 20:43 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2014-04-04 20:43 - 2014-04-04 20:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-04-04 20:43 - 2014-04-04 20:43 - 00000000 ____D () C:\Program Files (x86)\Java2014-04-04 20:41 - 2014-04-04 20:41 - 00921000 _____ (Oracle Corporation) C:\Users\walmart\Downloads\jxpiinstall.exe2014-04-02 02:58 - 2014-04-09 04:58 - 00000000 ____D () C:\ProgramData\AVAST Software2014-04-02 02:58 - 2014-04-02 02:58 - 88551496 _____ (AVAST Software) C:\Users\walmart\Downloads\avast_free_antivirus_setup.exe2014-04-01 09:48 - 2014-04-01 09:48 - 00000000 ____D () C:\Users\walmart\AppData\Local\{1DE0C16B-21B7-4980-8CE4-C25E3E1A87F2}2014-04-01 06:48 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL2014-04-01 06:48 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL2014-04-01 06:48 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll2014-04-01 06:47 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll2014-04-01 03:54 - 2014-04-01 03:54 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-04-01 03:54 - 2014-04-01 03:54 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat2014-04-01 03:54 - 2014-04-01 03:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat2014-04-01 03:54 - 2014-04-01 03:54 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2014-04-01 03:54 - 2014-04-01 03:54 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2014-04-01 03:54 - 2014-04-01 03:54 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe2014-04-01 03:54 - 2014-04-01 03:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe2014-04-01 03:54 - 2014-04-01 03:54 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe2014-04-01 03:54 - 2014-04-01 03:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2014-04-01 03:54 - 2014-04-01 03:54 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe2014-04-01 03:54 - 2014-04-01 03:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2014-04-01 03:54 - 2014-04-01 03:54 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx2014-04-01 03:54 - 2014-04-01 03:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2014-04-01 03:54 - 2014-04-01 03:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2014-04-01 03:54 - 2014-04-01 03:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2014-04-01 03:54 - 2014-04-01 03:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2014-04-01 03:54 - 2014-04-01 03:54 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe2014-04-01 03:54 - 2014-04-01 03:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2014-04-01 03:54 - 2014-04-01 03:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe2014-04-01 03:54 - 2014-04-01 03:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2014-04-01 03:36 - 2014-04-01 03:36 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Roxio Log Files2014-04-01 03:17 - 2014-04-09 05:05 - 00000000 ____D () C:\Windows\system32\MRT2014-04-01 03:12 - 2014-04-06 03:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN2014-04-01 03:11 - 2014-04-01 03:11 - 24677393 _____ () C:\Users\walmart\Downloads\vlc-2.1.3-win32.exe2014-04-01 03:04 - 2014-04-06 08:19 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\uTorrent2014-04-01 03:03 - 2014-04-01 03:03 - 01671248 _____ (BitTorrent Inc.) C:\Users\walmart\Downloads\uTorrent.exe2014-03-31 21:24 - 2014-03-31 21:24 - 00530736 _____ (Biztree Inc.) C:\Users\walmart\Downloads\Business-in-a-Box_Setup.exe2014-03-31 21:24 - 2014-03-31 21:24 - 00530736 _____ (Biztree Inc.) C:\Users\walmart\Downloads\Business-in-a-Box_Setup (1).exe2014-03-31 21:24 - 2014-03-31 21:24 - 00001133 _____ () C:\Users\Public\Desktop\Business-in-a-Box.lnk2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\Users\walmart\Documents\Business-in-a-Box Files2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\ProgramData\Biztree2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\Program Files (x86)\Business-in-a-Box2014-03-31 21:14 - 2014-03-31 21:14 - 00096256 _____ () C:\Users\walmart\Downloads\quote-template.xls -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
01:39:00.0874 0x10ac Npfs - ok 01:39:00.0904 0x10ac [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 01:39:00.0906 0x10ac nsi - ok 01:39:00.0924 0x10ac [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 01:39:00.0926 0x10ac nsiproxy - ok 01:39:01.0019 0x10ac [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 01:39:01.0065 0x10ac Ntfs - ok 01:39:01.0097 0x10ac [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 01:39:01.0099 0x10ac Null - ok 01:39:01.0125 0x10ac [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 01:39:01.0136 0x10ac NVENETFD - ok 01:39:01.0156 0x10ac [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 01:39:01.0161 0x10ac nvraid - ok 01:39:01.0202 0x10ac [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 01:39:01.0208 0x10ac nvstor - ok 01:39:01.0245 0x10ac [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 01:39:01.0249 0x10ac nv_agp - ok 01:39:01.0271 0x10ac [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 01:39:01.0274 0x10ac ohci1394 - ok 01:39:01.0318 0x10ac [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 01:39:01.0323 0x10ac ose - ok 01:39:01.0540 0x10ac [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 01:39:01.0730 0x10ac osppsvc - ok 01:39:01.0773 0x10ac [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 01:39:01.0782 0x10ac p2pimsvc - ok 01:39:01.0830 0x10ac [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 01:39:01.0841 0x10ac p2psvc - ok 01:39:01.0859 0x10ac [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 01:39:01.0862 0x10ac Parport - ok 01:39:01.0891 0x10ac [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 01:39:01.0894 0x10ac partmgr - ok 01:39:01.0918 0x10ac [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 01:39:01.0924 0x10ac PcaSvc - ok 01:39:01.0935 0x10ac [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 01:39:01.0940 0x10ac pci - ok 01:39:01.0966 0x10ac [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 01:39:01.0968 0x10ac pciide - ok 01:39:01.0998 0x10ac [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 01:39:02.0005 0x10ac pcmcia - ok 01:39:02.0037 0x10ac [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 01:39:02.0040 0x10ac pcw - ok 01:39:02.0073 0x10ac [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 01:39:02.0090 0x10ac PEAUTH - ok 01:39:02.0163 0x10ac [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 01:39:02.0165 0x10ac PerfHost - ok 01:39:02.0281 0x10ac [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 01:39:02.0319 0x10ac pla - ok 01:39:02.0372 0x10ac [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 01:39:02.0384 0x10ac PlugPlay - ok 01:39:02.0401 0x10ac [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 01:39:02.0404 0x10ac PNRPAutoReg - ok 01:39:02.0429 0x10ac [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 01:39:02.0438 0x10ac PNRPsvc - ok 01:39:02.0491 0x10ac [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 01:39:02.0503 0x10ac PolicyAgent - ok 01:39:02.0542 0x10ac [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 01:39:02.0549 0x10ac Power - ok 01:39:02.0580 0x10ac [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 01:39:02.0584 0x10ac PptpMiniport - ok 01:39:02.0604 0x10ac [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 01:39:02.0607 0x10ac Processor - ok 01:39:02.0640 0x10ac [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 01:39:02.0648 0x10ac ProfSvc - ok 01:39:02.0670 0x10ac [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe 01:39:02.0672 0x10ac ProtectedStorage - ok 01:39:02.0702 0x10ac [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 01:39:02.0705 0x10ac Psched - ok 01:39:02.0784 0x10ac [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 01:39:02.0823 0x10ac ql2300 - ok 01:39:02.0858 0x10ac [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 01:39:02.0862 0x10ac ql40xx - ok 01:39:02.0894 0x10ac [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 01:39:02.0902 0x10ac QWAVE - ok 01:39:02.0926 0x10ac [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 01:39:02.0929 0x10ac QWAVEdrv - ok 01:39:02.0951 0x10ac [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 01:39:02.0953 0x10ac RasAcd - ok 01:39:02.0974 0x10ac [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 01:39:02.0977 0x10ac RasAgileVpn - ok 01:39:02.0997 0x10ac [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 01:39:03.0002 0x10ac RasAuto - ok 01:39:03.0012 0x10ac [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 01:39:03.0017 0x10ac Rasl2tp - ok 01:39:03.0050 0x10ac [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 01:39:03.0061 0x10ac RasMan - ok 01:39:03.0070 0x10ac [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 01:39:03.0073 0x10ac RasPppoe - ok 01:39:03.0091 0x10ac [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 01:39:03.0095 0x10ac RasSstp - ok 01:39:03.0135 0x10ac [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 01:39:03.0143 0x10ac rdbss - ok 01:39:03.0161 0x10ac [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 01:39:03.0163 0x10ac rdpbus - ok 01:39:03.0177 0x10ac [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 01:39:03.0178 0x10ac RDPCDD - ok 01:39:03.0188 0x10ac [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 01:39:03.0189 0x10ac RDPENCDD - ok 01:39:03.0200 0x10ac [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 01:39:03.0201 0x10ac RDPREFMP - ok 01:39:03.0257 0x10ac [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 01:39:03.0259 0x10ac RdpVideoMiniport - ok 01:39:03.0305 0x10ac [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 01:39:03.0311 0x10ac RDPWD - ok 01:39:03.0331 0x10ac [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 01:39:03.0337 0x10ac rdyboost - ok 01:39:03.0381 0x10ac [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 01:39:03.0386 0x10ac RemoteAccess - ok 01:39:03.0419 0x10ac [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 01:39:03.0425 0x10ac RemoteRegistry - ok 01:39:03.0470 0x10ac [ 085D18C71AB2611A3D61528132B6501E, 2AD2DD88EBD8C498E3043CDAA37E83C69F7FE2FD6B65524F631527555B80C112 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe 01:39:03.0481 0x10ac RoxioNow Service - ok 01:39:03.0502 0x10ac [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 01:39:03.0506 0x10ac RpcEptMapper - ok 01:39:03.0517 0x10ac [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 01:39:03.0520 0x10ac RpcLocator - ok 01:39:03.0552 0x10ac [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 01:39:03.0565 0x10ac RpcSs - ok 01:39:03.0643 0x10ac [ 7BFDFD1D2244B444D7BBC55087426518, 06DF03A734A8A1956C842E30B4A1F143CD59B2DD09E0F8F01E6B4CE2A3D1D418 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 01:39:03.0652 0x10ac RSPCIESTOR - ok 01:39:03.0686 0x10ac [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 01:39:03.0689 0x10ac rspndr - ok 01:39:03.0757 0x10ac [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 01:39:03.0765 0x10ac RtkAudioService - ok 01:39:03.0852 0x10ac [ AC4CA62572CA516945AB92D6C9F501F4, 6CB4178DD1ED3D8224EA1F91CAA00AFBC756DCA2DFD71F399B05E511E79D5150 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 01:39:03.0875 0x10ac RTL8167 - ok 01:39:03.0959 0x10ac [ 177963A6EEBAA9EF3B56A2DBE9D5D0FC, 908E71F2F2CB6595B2E14EF6BB526114CFFBBFCB1D6AB6672DE9917F4C515419 ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys 01:39:03.0988 0x10ac RTL8192Ce - ok 01:39:04.0014 0x10ac [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe 01:39:04.0016 0x10ac SamSs - ok 01:39:04.0051 0x10ac [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 01:39:04.0055 0x10ac sbp2port - ok 01:39:04.0091 0x10ac [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 01:39:04.0098 0x10ac SCardSvr - ok 01:39:04.0120 0x10ac [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 01:39:04.0122 0x10ac scfilter - ok 01:39:04.0176 0x10ac [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 01:39:04.0227 0x10ac Schedule - ok 01:39:04.0275 0x10ac [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 01:39:04.0278 0x10ac SCPolicySvc - ok 01:39:04.0308 0x10ac [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 01:39:04.0312 0x10ac sdbus - ok 01:39:04.0341 0x10ac [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 01:39:04.0348 0x10ac SDRSVC - ok 01:39:04.0363 0x10ac [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 01:39:04.0365 0x10ac secdrv - ok 01:39:04.0387 0x10ac [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 01:39:04.0390 0x10ac seclogon - ok 01:39:04.0400 0x10ac [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 01:39:04.0404 0x10ac SENS - ok 01:39:04.0411 0x10ac [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 01:39:04.0415 0x10ac SensrSvc - ok 01:39:04.0437 0x10ac [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 01:39:04.0438 0x10ac Serenum - ok 01:39:04.0460 0x10ac [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 01:39:04.0464 0x10ac Serial - ok 01:39:04.0494 0x10ac [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 01:39:04.0496 0x10ac sermouse - ok 01:39:04.0540 0x10ac [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 01:39:04.0546 0x10ac SessionEnv - ok 01:39:04.0573 0x10ac [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 01:39:04.0575 0x10ac sffdisk - ok 01:39:04.0594 0x10ac [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 01:39:04.0596 0x10ac sffp_mmc - ok 01:39:04.0623 0x10ac [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 01:39:04.0625 0x10ac sffp_sd - ok 01:39:04.0633 0x10ac [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 01:39:04.0635 0x10ac sfloppy - ok 01:39:04.0683 0x10ac [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 01:39:04.0703 0x10ac Sftfs - ok 01:39:04.0774 0x10ac [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 01:39:04.0788 0x10ac sftlist - ok 01:39:04.0825 0x10ac [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 01:39:04.0833 0x10ac Sftplay - ok 01:39:04.0852 0x10ac [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 01:39:04.0854 0x10ac Sftredir - ok 01:39:04.0875 0x10ac [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 01:39:04.0877 0x10ac Sftvol - ok 01:39:04.0910 0x10ac [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 01:39:04.0916 0x10ac sftvsa - ok 01:39:04.0972 0x10ac [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 01:39:04.0983 0x10ac SharedAccess - ok 01:39:05.0027 0x10ac [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 01:39:05.0037 0x10ac ShellHWDetection - ok 01:39:05.0060 0x10ac [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 01:39:05.0062 0x10ac SiSRaid2 - ok 01:39:05.0096 0x10ac [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 01:39:05.0099 0x10ac SiSRaid4 - ok 01:39:05.0125 0x10ac [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 01:39:05.0129 0x10ac Smb - ok 01:39:05.0158 0x10ac [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 01:39:05.0161 0x10ac SNMPTRAP - ok 01:39:05.0171 0x10ac [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 01:39:05.0173 0x10ac spldr - ok 01:39:05.0208 0x10ac [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 01:39:05.0224 0x10ac Spooler - ok 01:39:05.0348 0x10ac [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 01:39:05.0438 0x10ac sppsvc - ok 01:39:05.0475 0x10ac [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 01:39:05.0479 0x10ac sppuinotify - ok 01:39:05.0518 0x10ac [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 01:39:05.0530 0x10ac srv - ok 01:39:05.0557 0x10ac [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 01:39:05.0569 0x10ac srv2 - ok 01:39:05.0614 0x10ac [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 01:39:05.0622 0x10ac SrvHsfHDA - ok 01:39:05.0697 0x10ac [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 01:39:05.0737 0x10ac SrvHsfV92 - ok 01:39:05.0784 0x10ac [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 01:39:05.0803 0x10ac SrvHsfWinac - ok 01:39:05.0837 0x10ac [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 01:39:05.0842 0x10ac srvnet - ok 01:39:05.0879 0x10ac [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 01:39:05.0887 0x10ac SSDPSRV - ok 01:39:05.0901 0x10ac [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 01:39:05.0906 0x10ac SstpSvc - ok 01:39:05.0919 0x10ac [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 01:39:05.0920 0x10ac stexstor - ok 01:39:05.0949 0x10ac [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 01:39:05.0964 0x10ac stisvc - ok 01:39:05.0991 0x10ac [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 01:39:05.0992 0x10ac swenum - ok 01:39:06.0037 0x10ac [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 01:39:06.0050 0x10ac swprv - ok 01:39:06.0098 0x10ac [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 01:39:06.0146 0x10ac SynTP - ok 01:39:06.0264 0x10ac [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 01:39:06.0304 0x10ac SysMain - ok 01:39:06.0330 0x10ac [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 01:39:06.0335 0x10ac TabletInputService - ok 01:39:06.0356 0x10ac [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 01:39:06.0366 0x10ac TapiSrv - ok 01:39:06.0399 0x10ac [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 01:39:06.0403 0x10ac TBS - ok 01:39:06.0505 0x10ac [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys 01:39:06.0555 0x10ac Tcpip - ok 01:39:06.0633 0x10ac [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 01:39:06.0674 0x10ac TCPIP6 - ok 01:39:06.0715 0x10ac [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 01:39:06.0718 0x10ac tcpipreg - ok 01:39:06.0743 0x10ac [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 01:39:06.0745 0x10ac TDPIPE - ok 01:39:06.0768 0x10ac [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 01:39:06.0770 0x10ac TDTCP - ok 01:39:06.0792 0x10ac [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 01:39:06.0796 0x10ac tdx - ok 01:39:06.0814 0x10ac [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 01:39:06.0817 0x10ac TermDD - ok 01:39:06.0859 0x10ac [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 01:39:06.0879 0x10ac TermService - ok 01:39:06.0900 0x10ac [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 01:39:06.0903 0x10ac Themes - ok 01:39:06.0930 0x10ac [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 01:39:06.0933 0x10ac THREADORDER - ok 01:39:06.0946 0x10ac [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 01:39:06.0952 0x10ac TrkWks - ok 01:39:07.0004 0x10ac [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 01:39:07.0009 0x10ac TrustedInstaller - ok 01:39:07.0053 0x10ac [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 01:39:07.0055 0x10ac tssecsrv - ok 01:39:07.0092 0x10ac [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 01:39:07.0095 0x10ac TsUsbFlt - ok 01:39:07.0136 0x10ac [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 01:39:07.0139 0x10ac TsUsbGD - ok 01:39:07.0168 0x10ac [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 01:39:07.0173 0x10ac tunnel - ok 01:39:07.0198 0x10ac [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 01:39:07.0201 0x10ac uagp35 - ok 01:39:07.0232 0x10ac [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 01:39:07.0241 0x10ac udfs - ok 01:39:07.0278 0x10ac [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 01:39:07.0282 0x10ac UI0Detect - ok 01:39:07.0295 0x10ac [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 01:39:07.0297 0x10ac uliagpkx - ok 01:39:07.0325 0x10ac [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 01:39:07.0328 0x10ac umbus - ok 01:39:07.0359 0x10ac [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 01:39:07.0360 0x10ac UmPass - ok 01:39:07.0390 0x10ac [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 01:39:07.0400 0x10ac upnphost - ok 01:39:07.0434 0x10ac [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 01:39:07.0438 0x10ac usbccgp - ok 01:39:07.0461 0x10ac [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 01:39:07.0465 0x10ac usbcir - ok 01:39:07.0481 0x10ac [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 01:39:07.0484 0x10ac usbehci - ok 01:39:07.0522 0x10ac [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 01:39:07.0531 0x10ac usbhub - ok 01:39:07.0552 0x10ac [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 01:39:07.0554 0x10ac usbohci - ok 01:39:07.0576 0x10ac [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 01:39:07.0578 0x10ac usbprint - ok 01:39:07.0597 0x10ac [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 01:39:07.0600 0x10ac USBSTOR - ok 01:39:07.0639 0x10ac [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 01:39:07.0640 0x10ac usbuhci - ok 01:39:07.0684 0x10ac [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 01:39:07.0690 0x10ac usbvideo - ok 01:39:07.0720 0x10ac [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 01:39:07.0723 0x10ac UxSms - ok 01:39:07.0748 0x10ac [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe 01:39:07.0751 0x10ac VaultSvc - ok 01:39:07.0774 0x10ac [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 01:39:07.0776 0x10ac vdrvroot - ok 01:39:07.0808 0x10ac [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 01:39:07.0825 0x10ac vds - ok 01:39:07.0861 0x10ac [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 01:39:07.0863 0x10ac vga - ok 01:39:07.0878 0x10ac [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 01:39:07.0880 0x10ac VgaSave - ok 01:39:07.0908 0x10ac [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 01:39:07.0914 0x10ac vhdmp - ok 01:39:07.0948 0x10ac [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 01:39:07.0950 0x10ac viaide - ok 01:39:07.0986 0x10ac [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 01:39:07.0989 0x10ac volmgr - ok 01:39:08.0014 0x10ac [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 01:39:08.0023 0x10ac volmgrx - ok 01:39:08.0052 0x10ac [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 01:39:08.0060 0x10ac volsnap - ok 01:39:08.0076 0x10ac [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 01:39:08.0082 0x10ac vsmraid - ok 01:39:08.0161 0x10ac [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 01:39:08.0205 0x10ac VSS - ok 01:39:08.0260 0x10ac [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 01:39:08.0261 0x10ac vwifibus - ok 01:39:08.0279 0x10ac [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 01:39:08.0282 0x10ac vwififlt - ok 01:39:08.0316 0x10ac [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 01:39:08.0329 0x10ac W32Time - ok 01:39:08.0358 0x10ac [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 01:39:08.0360 0x10ac WacomPen - ok 01:39:08.0369 0x10ac [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 01:39:08.0373 0x10ac WANARP - ok 01:39:08.0379 0x10ac [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 01:39:08.0382 0x10ac Wanarpv6 - ok 01:39:08.0455 0x10ac [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 01:39:08.0488 0x10ac WatAdminSvc - ok 01:39:08.0566 0x10ac [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 01:39:08.0606 0x10ac wbengine - ok 01:39:08.0632 0x10ac [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 01:39:08.0640 0x10ac WbioSrvc - ok 01:39:08.0664 0x10ac [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 01:39:08.0676 0x10ac wcncsvc - ok 01:39:08.0709 0x10ac [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 01:39:08.0713 0x10ac WcsPlugInService - ok 01:39:08.0739 0x10ac [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 01:39:08.0741 0x10ac Wd - ok 01:39:08.0795 0x10ac [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 01:39:08.0815 0x10ac Wdf01000 - ok 01:39:08.0831 0x10ac [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 01:39:08.0836 0x10ac WdiServiceHost - ok 01:39:08.0843 0x10ac [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 01:39:08.0847 0x10ac WdiSystemHost - ok 01:39:08.0895 0x10ac [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 01:39:08.0904 0x10ac WebClient - ok 01:39:08.0941 0x10ac [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 01:39:08.0950 0x10ac Wecsvc - ok 01:39:08.0967 0x10ac [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 01:39:08.0972 0x10ac wercplsupport - ok 01:39:08.0990 0x10ac [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 01:39:08.0995 0x10ac WerSvc - ok 01:39:09.0021 0x10ac [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 01:39:09.0023 0x10ac WfpLwf - ok 01:39:09.0041 0x10ac [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 01:39:09.0043 0x10ac WIMMount - ok 01:39:09.0074 0x10ac WinDefend - ok 01:39:09.0093 0x10ac WinHttpAutoProxySvc - ok 01:39:09.0143 0x10ac [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 01:39:09.0151 0x10ac Winmgmt - ok 01:39:09.0243 0x10ac [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 01:39:09.0296 0x10ac WinRM - ok 01:39:09.0353 0x10ac [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 01:39:09.0356 0x10ac WinUsb - ok 01:39:09.0400 0x10ac [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 01:39:09.0425 0x10ac Wlansvc - ok 01:39:09.0462 0x10ac [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 01:39:09.0465 0x10ac wlcrasvc - ok 01:39:09.0579 0x10ac [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 01:39:09.0636 0x10ac wlidsvc - ok 01:39:09.0679 0x10ac [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 01:39:09.0681 0x10ac WmiAcpi - ok 01:39:09.0726 0x10ac [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 01:39:09.0732 0x10ac wmiApSrv - ok 01:39:09.0773 0x10ac WMPNetworkSvc - ok 01:39:09.0801 0x10ac [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 01:39:09.0804 0x10ac WPCSvc - ok 01:39:09.0820 0x10ac [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 01:39:09.0826 0x10ac WPDBusEnum - ok 01:39:09.0857 0x10ac [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 01:39:09.0858 0x10ac ws2ifsl - ok 01:39:09.0867 0x10ac [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 01:39:09.0872 0x10ac wscsvc - ok 01:39:09.0878 0x10ac WSearch - ok 01:39:09.0986 0x10ac [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 01:39:10.0048 0x10ac wuauserv - ok 01:39:10.0090 0x10ac [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 01:39:10.0094 0x10ac WudfPf - ok 01:39:10.0119 0x10ac [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 01:39:10.0125 0x10ac WUDFRd - ok 01:39:10.0144 0x10ac [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 01:39:10.0149 0x10ac wudfsvc - ok 01:39:10.0218 0x10ac [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 01:39:10.0227 0x10ac WwanSvc - ok 01:39:10.0239 0x10ac ================ Scan global =============================== 01:39:10.0302 0x10ac [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 01:39:10.0345 0x10ac [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 01:39:10.0360 0x10ac [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 01:39:10.0395 0x10ac [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 01:39:10.0427 0x10ac [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 01:39:10.0437 0x10ac [ Global ] - ok 01:39:10.0437 0x10ac ================ Scan MBR ================================== 01:39:10.0455 0x10ac [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 01:39:10.0697 0x10ac \Device\Harddisk0\DR0 - ok 01:39:10.0698 0x10ac ================ Scan VBR ================================== 01:39:10.0702 0x10ac [ 5D4E390FFF451DB24DA20AE32DD517C4 ] \Device\Harddisk0\DR0\Partition1 01:39:10.0704 0x10ac \Device\Harddisk0\DR0\Partition1 - ok 01:39:10.0709 0x10ac [ 209C31F802055ABE95109F1DB49143DC ] \Device\Harddisk0\DR0\Partition2 01:39:10.0710 0x10ac \Device\Harddisk0\DR0\Partition2 - ok 01:39:10.0715 0x10ac [ B6DBB97E5B76B359CD024E79D8E00344 ] \Device\Harddisk0\DR0\Partition3 01:39:10.0716 0x10ac \Device\Harddisk0\DR0\Partition3 - ok 01:39:10.0722 0x10ac [ 0A5BE981B0FFD8E59527DEB079BD397B ] \Device\Harddisk0\DR0\Partition4 01:39:10.0723 0x10ac \Device\Harddisk0\DR0\Partition4 - ok 01:39:10.0726 0x10ac Waiting for KSN requests completion. In queue: 333 01:39:11.0726 0x10ac Waiting for KSN requests completion. In queue: 27 01:39:12.0726 0x10ac Waiting for KSN requests completion. In queue: 27 01:39:13.0726 0x10ac Waiting for KSN requests completion. In queue: 27 01:39:14.0726 0x10ac Waiting for KSN requests completion. In queue: 27 01:39:16.0126 0x10ac AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated ) 01:39:16.0293 0x10ac Win FW state via NFP2: enabled 01:39:18.0852 0x10ac ============================================================ 01:39:18.0852 0x10ac Scan finished 01:39:18.0852 0x10ac ============================================================ 01:39:18.0863 0x0938 Detected object count: 0 01:39:18.0863 0x0938 Actual detected object count: 0 01:39:28.0234 0x1850 Deinitialize success -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
Okay I scanned TDSSKiller again and it shows no detections. 01:38:08.0383 0x11e4 TDSS rootkit removing tool 3.0.0.30 Apr 7 2014 15:39:12 01:38:16.0696 0x11e4 ============================================================ 01:38:16.0696 0x11e4 Current date / time: 2014/04/10 01:38:16.0696 01:38:16.0696 0x11e4 SystemInfo: 01:38:16.0696 0x11e4 01:38:16.0696 0x11e4 OS Version: 6.1.7601 ServicePack: 1.0 01:38:16.0696 0x11e4 Product type: Workstation 01:38:16.0697 0x11e4 ComputerName: HP2000 01:38:16.0697 0x11e4 UserName: walmart 01:38:16.0697 0x11e4 Windows directory: C:\Windows 01:38:16.0697 0x11e4 System windows directory: C:\Windows 01:38:16.0697 0x11e4 Running under WOW64 01:38:16.0697 0x11e4 Processor architecture: Intel x64 01:38:16.0697 0x11e4 Number of processors: 2 01:38:16.0697 0x11e4 Page size: 0x1000 01:38:16.0697 0x11e4 Boot type: Normal boot 01:38:16.0697 0x11e4 ============================================================ 01:38:17.0162 0x11e4 KLMD registered as C:\Windows\system32\drivers\82733747.sys 01:38:18.0319 0x11e4 System UUID: {F2E90BC9-A548-FF9E-AC89-A246D26B8FE3} 01:38:21.0299 0x11e4 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 01:38:21.0305 0x11e4 ============================================================ 01:38:21.0305 0x11e4 \Device\Harddisk0\DR0: 01:38:21.0305 0x11e4 MBR partitions: 01:38:21.0306 0x11e4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 01:38:21.0306 0x11e4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800 01:38:21.0306 0x11e4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000 01:38:21.0306 0x11e4 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0 01:38:21.0306 0x11e4 ============================================================ 01:38:21.0387 0x11e4 C: <-> \Device\Harddisk0\DR0\Partition2 01:38:21.0445 0x11e4 D: <-> \Device\Harddisk0\DR0\Partition3 01:38:21.0491 0x11e4 F: <-> \Device\Harddisk0\DR0\Partition4 01:38:21.0532 0x11e4 ============================================================ 01:38:21.0532 0x11e4 Initialize success 01:38:21.0532 0x11e4 ============================================================ 01:38:25.0502 0x10ac ============================================================ 01:38:25.0502 0x10ac Scan started 01:38:25.0502 0x10ac Mode: Manual; 01:38:25.0502 0x10ac ============================================================ 01:38:25.0502 0x10ac KSN ping started 01:38:48.0887 0x10ac KSN ping finished: true 01:38:49.0148 0x10ac ================ Scan system memory ======================== 01:38:49.0148 0x10ac System memory - ok 01:38:49.0149 0x10ac ================ Scan services ============================= 01:38:49.0319 0x10ac [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 01:38:49.0326 0x10ac 1394ohci - ok 01:38:49.0396 0x10ac [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 01:38:49.0406 0x10ac ACPI - ok 01:38:49.0426 0x10ac [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 01:38:49.0428 0x10ac AcpiPmi - ok 01:38:49.0525 0x10ac [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 01:38:49.0531 0x10ac AdobeFlashPlayerUpdateSvc - ok 01:38:49.0586 0x10ac [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 01:38:49.0600 0x10ac adp94xx - ok 01:38:49.0631 0x10ac [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 01:38:49.0641 0x10ac adpahci - ok 01:38:49.0669 0x10ac [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 01:38:49.0674 0x10ac adpu320 - ok 01:38:49.0716 0x10ac [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 01:38:49.0719 0x10ac AeLookupSvc - ok 01:38:49.0786 0x10ac [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 01:38:49.0789 0x10ac AERTFilters - ok 01:38:49.0833 0x10ac [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys 01:38:49.0846 0x10ac AFD - ok 01:38:49.0882 0x10ac [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 01:38:49.0885 0x10ac agp440 - ok 01:38:49.0911 0x10ac [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 01:38:49.0914 0x10ac ALG - ok 01:38:49.0937 0x10ac [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 01:38:49.0939 0x10ac aliide - ok 01:38:49.0949 0x10ac [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 01:38:49.0951 0x10ac amdide - ok 01:38:49.0975 0x10ac [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 01:38:49.0978 0x10ac AmdK8 - ok 01:38:50.0000 0x10ac [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 01:38:50.0003 0x10ac AmdPPM - ok 01:38:50.0040 0x10ac [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 01:38:50.0044 0x10ac amdsata - ok 01:38:50.0071 0x10ac [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 01:38:50.0077 0x10ac amdsbs - ok 01:38:50.0113 0x10ac [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 01:38:50.0114 0x10ac amdxata - ok 01:38:50.0152 0x10ac [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 01:38:50.0155 0x10ac AppID - ok 01:38:50.0187 0x10ac [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 01:38:50.0189 0x10ac AppIDSvc - ok 01:38:50.0221 0x10ac [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 01:38:50.0224 0x10ac Appinfo - ok 01:38:50.0257 0x10ac [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 01:38:50.0260 0x10ac arc - ok 01:38:50.0311 0x10ac [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 01:38:50.0314 0x10ac arcsas - ok 01:38:50.0496 0x10ac [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 01:38:50.0500 0x10ac aspnet_state - ok 01:38:50.0529 0x10ac [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 01:38:50.0530 0x10ac AsyncMac - ok 01:38:50.0556 0x10ac [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 01:38:50.0557 0x10ac atapi - ok 01:38:50.0599 0x10ac [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 01:38:50.0618 0x10ac AudioEndpointBuilder - ok 01:38:50.0644 0x10ac [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 01:38:50.0659 0x10ac AudioSrv - ok 01:38:50.0679 0x10ac [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 01:38:50.0683 0x10ac AxInstSV - ok 01:38:50.0734 0x10ac [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 01:38:50.0747 0x10ac b06bdrv - ok 01:38:50.0783 0x10ac [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 01:38:50.0791 0x10ac b57nd60a - ok 01:38:50.0857 0x10ac [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 01:38:50.0892 0x10ac BCM43XX - ok 01:38:50.0925 0x10ac [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 01:38:50.0928 0x10ac BDESVC - ok 01:38:50.0943 0x10ac [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 01:38:50.0944 0x10ac Beep - ok 01:38:50.0984 0x10ac [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 01:38:51.0000 0x10ac BFE - ok 01:38:51.0077 0x10ac [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 01:38:51.0162 0x10ac BITS - ok 01:38:51.0188 0x10ac [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 01:38:51.0190 0x10ac blbdrive - ok 01:38:51.0216 0x10ac [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 01:38:51.0220 0x10ac bowser - ok 01:38:51.0247 0x10ac [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 01:38:51.0249 0x10ac BrFiltLo - ok 01:38:51.0269 0x10ac [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 01:38:51.0270 0x10ac BrFiltUp - ok 01:38:51.0304 0x10ac [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 01:38:51.0309 0x10ac Browser - ok 01:38:51.0331 0x10ac [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 01:38:51.0339 0x10ac Brserid - ok 01:38:51.0352 0x10ac [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 01:38:51.0354 0x10ac BrSerWdm - ok 01:38:51.0386 0x10ac [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 01:38:51.0388 0x10ac BrUsbMdm - ok 01:38:51.0421 0x10ac [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 01:38:51.0423 0x10ac BrUsbSer - ok 01:38:51.0451 0x10ac [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 01:38:51.0454 0x10ac BTHMODEM - ok 01:38:51.0486 0x10ac [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 01:38:51.0490 0x10ac bthserv - ok 01:38:51.0519 0x10ac [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 01:38:51.0522 0x10ac cdfs - ok 01:38:51.0551 0x10ac [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 01:38:51.0555 0x10ac cdrom - ok 01:38:51.0576 0x10ac [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 01:38:51.0579 0x10ac CertPropSvc - ok 01:38:51.0591 0x10ac [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 01:38:51.0593 0x10ac circlass - ok 01:38:51.0626 0x10ac [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 01:38:51.0635 0x10ac CLFS - ok 01:38:51.0709 0x10ac [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 01:38:51.0712 0x10ac clr_optimization_v2.0.50727_32 - ok 01:38:51.0741 0x10ac [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 01:38:51.0745 0x10ac clr_optimization_v2.0.50727_64 - ok 01:38:51.0845 0x10ac [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 01:38:51.0990 0x10ac clr_optimization_v4.0.30319_32 - ok 01:38:52.0024 0x10ac [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 01:38:52.0150 0x10ac clr_optimization_v4.0.30319_64 - ok 01:38:52.0171 0x10ac [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys 01:38:52.0173 0x10ac clwvd - ok 01:38:52.0200 0x10ac [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 01:38:52.0202 0x10ac CmBatt - ok 01:38:52.0238 0x10ac [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 01:38:52.0240 0x10ac cmdide - ok 01:38:52.0287 0x10ac [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 01:38:52.0299 0x10ac CNG - ok 01:38:52.0333 0x10ac [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 01:38:52.0335 0x10ac Compbatt - ok 01:38:52.0371 0x10ac [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 01:38:52.0373 0x10ac CompositeBus - ok 01:38:52.0379 0x10ac COMSysApp - ok 01:38:52.0412 0x10ac [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 01:38:52.0414 0x10ac crcdisk - ok 01:38:52.0463 0x10ac [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 01:38:52.0469 0x10ac CryptSvc - ok 01:38:52.0625 0x10ac [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 01:38:52.0646 0x10ac cvhsvc - ok 01:38:52.0697 0x10ac [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 01:38:52.0710 0x10ac DcomLaunch - ok 01:38:52.0751 0x10ac [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 01:38:52.0759 0x10ac defragsvc - ok 01:38:52.0788 0x10ac [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 01:38:52.0792 0x10ac DfsC - ok 01:38:52.0822 0x10ac [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 01:38:52.0831 0x10ac Dhcp - ok 01:38:52.0843 0x10ac [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 01:38:52.0844 0x10ac discache - ok 01:38:52.0873 0x10ac [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 01:38:52.0876 0x10ac Disk - ok 01:38:52.0914 0x10ac [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 01:38:52.0920 0x10ac Dnscache - ok 01:38:52.0946 0x10ac [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 01:38:52.0953 0x10ac dot3svc - ok 01:38:52.0979 0x10ac [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 01:38:52.0984 0x10ac DPS - ok 01:38:53.0024 0x10ac [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 01:38:53.0026 0x10ac drmkaud - ok 01:38:53.0100 0x10ac [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 01:38:53.0125 0x10ac DXGKrnl - ok 01:38:53.0182 0x10ac [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 01:38:53.0186 0x10ac EapHost - ok 01:38:53.0328 0x10ac [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 01:38:53.0411 0x10ac ebdrv - ok 01:38:53.0459 0x10ac [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe 01:38:53.0461 0x10ac EFS - ok 01:38:53.0535 0x10ac [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 01:38:53.0553 0x10ac ehRecvr - ok 01:38:53.0573 0x10ac [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 01:38:53.0577 0x10ac ehSched - ok 01:38:53.0608 0x10ac [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 01:38:53.0622 0x10ac elxstor - ok 01:38:53.0659 0x10ac [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 01:38:53.0661 0x10ac ErrDev - ok 01:38:53.0715 0x10ac [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 01:38:53.0726 0x10ac EventSystem - ok 01:38:53.0749 0x10ac [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 01:38:53.0755 0x10ac exfat - ok 01:38:53.0790 0x10ac [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 01:38:53.0796 0x10ac fastfat - ok 01:38:53.0829 0x10ac [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 01:38:53.0847 0x10ac Fax - ok 01:38:53.0877 0x10ac [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 01:38:53.0879 0x10ac fdc - ok 01:38:53.0899 0x10ac [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 01:38:53.0900 0x10ac fdPHost - ok 01:38:53.0915 0x10ac [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 01:38:53.0918 0x10ac FDResPub - ok 01:38:53.0943 0x10ac [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 01:38:53.0946 0x10ac FileInfo - ok 01:38:53.0956 0x10ac [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 01:38:53.0958 0x10ac Filetrace - ok 01:38:53.0968 0x10ac [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 01:38:53.0969 0x10ac flpydisk - ok 01:38:53.0997 0x10ac [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 01:38:54.0006 0x10ac FltMgr - ok 01:38:54.0060 0x10ac [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 01:38:54.0090 0x10ac FontCache - ok 01:38:54.0147 0x10ac [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 01:38:54.0150 0x10ac FontCache3.0.0.0 - ok 01:38:54.0169 0x10ac [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 01:38:54.0172 0x10ac FsDepends - ok 01:38:54.0204 0x10ac [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 01:38:54.0206 0x10ac Fs_Rec - ok 01:38:54.0253 0x10ac [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 01:38:54.0259 0x10ac fvevol - ok 01:38:54.0283 0x10ac [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 01:38:54.0286 0x10ac gagp30kx - ok 01:38:54.0342 0x10ac [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 01:38:54.0350 0x10ac GameConsoleService - ok 01:38:54.0416 0x10ac [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 01:38:54.0433 0x10ac gpsvc - ok 01:38:54.0493 0x10ac [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 01:38:54.0496 0x10ac gupdate - ok 01:38:54.0504 0x10ac [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 01:38:54.0507 0x10ac gupdatem - ok 01:38:54.0557 0x10ac [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 01:38:54.0559 0x10ac hcw85cir - ok 01:38:54.0594 0x10ac [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 01:38:54.0604 0x10ac HdAudAddService - ok 01:38:54.0634 0x10ac [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 01:38:54.0638 0x10ac HDAudBus - ok 01:38:54.0658 0x10ac [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 01:38:54.0660 0x10ac HidBatt - ok 01:38:54.0681 0x10ac [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 01:38:54.0685 0x10ac HidBth - ok 01:38:54.0711 0x10ac [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 01:38:54.0713 0x10ac HidIr - ok 01:38:54.0732 0x10ac [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 01:38:54.0735 0x10ac hidserv - ok 01:38:54.0769 0x10ac [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 01:38:54.0771 0x10ac HidUsb - ok 01:38:54.0805 0x10ac [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 01:38:54.0809 0x10ac hkmsvc - ok 01:38:54.0829 0x10ac [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 01:38:54.0836 0x10ac HomeGroupListener - ok 01:38:54.0872 0x10ac [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 01:38:54.0879 0x10ac HomeGroupProvider - ok 01:38:54.0938 0x10ac [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 01:38:54.0941 0x10ac HP Support Assistant Service - ok 01:38:54.0979 0x10ac [ C930128C8F8FF03D8F8C42B570920D56, 6D44373F466A580EFB9866FA4FACB4951C522893C2A1877ED0E462460B90E241 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe 01:38:54.0982 0x10ac HP Wireless Assistant Service - ok 01:38:55.0011 0x10ac [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 01:38:55.0019 0x10ac HPClientSvc - ok 01:38:55.0098 0x10ac [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 01:38:55.0124 0x10ac hpqwmiex - ok 01:38:55.0161 0x10ac [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 01:38:55.0164 0x10ac HpSAMD - ok 01:38:55.0215 0x10ac [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 01:38:55.0217 0x10ac HPWMISVC - ok 01:38:55.0270 0x10ac [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 01:38:55.0289 0x10ac HTTP - ok 01:38:55.0304 0x10ac [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 01:38:55.0305 0x10ac hwpolicy - ok 01:38:55.0354 0x10ac [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 01:38:55.0358 0x10ac i8042prt - ok 01:38:55.0397 0x10ac [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 01:38:55.0410 0x10ac iaStor - ok 01:38:55.0462 0x10ac [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 01:38:55.0464 0x10ac IAStorDataMgrSvc - ok 01:38:55.0505 0x10ac [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 01:38:55.0516 0x10ac iaStorV - ok 01:38:55.0728 0x10ac [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 01:38:55.0819 0x10ac IconMan_R - ok 01:38:55.0886 0x10ac [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 01:38:55.0909 0x10ac idsvc - ok 01:38:55.0948 0x10ac IEEtwCollectorService - ok 01:38:56.0329 0x10ac [ 8814F0B9A09C647D3D7BE735450E7B4C, E82AD0DC556AE7663C1A5CE75DA3619E1614BC88F52558496FF0D569DE04E1CA ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 01:38:56.0677 0x10ac igfx - ok 01:38:56.0780 0x10ac [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 01:38:56.0782 0x10ac iirsp - ok 01:38:56.0841 0x10ac [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 01:38:56.0860 0x10ac IKEEXT - ok 01:38:57.0037 0x10ac [ ECA5E9DA350D2D21376260CD3602449A, B027FE77062488B8FC0EEE2113341DD922CE1BD741DF4F5D92DCCDC2E2C18BB2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 01:38:57.0172 0x10ac IntcAzAudAddService - ok 01:38:57.0204 0x10ac [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 01:38:57.0206 0x10ac intelide - ok 01:38:57.0245 0x10ac [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 01:38:57.0248 0x10ac intelppm - ok 01:38:57.0272 0x10ac [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 01:38:57.0277 0x10ac IPBusEnum - ok 01:38:57.0300 0x10ac [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 01:38:57.0303 0x10ac IpFilterDriver - ok 01:38:57.0349 0x10ac [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 01:38:57.0365 0x10ac iphlpsvc - ok 01:38:57.0397 0x10ac [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 01:38:57.0400 0x10ac IPMIDRV - ok 01:38:57.0428 0x10ac [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 01:38:57.0432 0x10ac IPNAT - ok 01:38:57.0458 0x10ac [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 01:38:57.0460 0x10ac IRENUM - ok 01:38:57.0484 0x10ac [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 01:38:57.0486 0x10ac isapnp - ok 01:38:57.0530 0x10ac [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 01:38:57.0538 0x10ac iScsiPrt - ok 01:38:57.0564 0x10ac [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 01:38:57.0567 0x10ac kbdclass - ok 01:38:57.0595 0x10ac [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 01:38:57.0597 0x10ac kbdhid - ok 01:38:57.0626 0x10ac [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 01:38:57.0628 0x10ac KeyIso - ok 01:38:57.0662 0x10ac [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 01:38:57.0666 0x10ac KSecDD - ok 01:38:57.0751 0x10ac [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 01:38:57.0756 0x10ac KSecPkg - ok 01:38:57.0795 0x10ac [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 01:38:57.0797 0x10ac ksthunk - ok 01:38:57.0847 0x10ac [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 01:38:57.0858 0x10ac KtmRm - ok 01:38:57.0893 0x10ac [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 01:38:57.0900 0x10ac LanmanServer - ok 01:38:57.0922 0x10ac [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 01:38:57.0927 0x10ac LanmanWorkstation - ok 01:38:57.0962 0x10ac [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 01:38:57.0965 0x10ac lltdio - ok 01:38:58.0004 0x10ac [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 01:38:58.0013 0x10ac lltdsvc - ok 01:38:58.0049 0x10ac [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 01:38:58.0052 0x10ac lmhosts - ok 01:38:58.0078 0x10ac [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 01:38:58.0082 0x10ac LSI_FC - ok 01:38:58.0111 0x10ac [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 01:38:58.0115 0x10ac LSI_SAS - ok 01:38:58.0130 0x10ac [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 01:38:58.0133 0x10ac LSI_SAS2 - ok 01:38:58.0151 0x10ac [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 01:38:58.0155 0x10ac LSI_SCSI - ok 01:38:58.0180 0x10ac [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 01:38:58.0211 0x10ac luafv - ok 01:38:58.0275 0x10ac [ 4A1356200B82B852E137B687F03E8054, 54BAA2726BD19B61F694D316C1F0127ABFF66D06913668A2FAF044F09ADC4287 ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys 01:38:58.0279 0x10ac mbamchameleon - ok 01:38:58.0351 0x10ac [ FD5465B876D55534117963FAAA4B9DFC, 63A822A1EEEC42C30CCC9477431E310E3D360489A68BBCD805124681F21C0B6B ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 01:38:58.0353 0x10ac MBAMProtector - ok 01:38:58.0511 0x10ac [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe 01:38:58.0559 0x10ac MBAMScheduler - ok 01:38:58.0637 0x10ac [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe 01:38:58.0659 0x10ac MBAMService - ok 01:38:58.0718 0x10ac [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 01:38:58.0722 0x10ac MBAMSwissArmy - ok 01:38:58.0768 0x10ac [ C49915271600CFC2305FAA4271D0002F, 8412989C50579C79F27E4F9B178B2FF944C8F221AD70D213279D888F5449F868 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 01:38:58.0770 0x10ac MBAMWebAccessControl - ok 01:38:58.0809 0x10ac [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 01:38:58.0813 0x10ac Mcx2Svc - ok 01:38:58.0846 0x10ac [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 01:38:58.0848 0x10ac megasas - ok 01:38:58.0871 0x10ac [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 01:38:58.0879 0x10ac MegaSR - ok 01:38:58.0908 0x10ac [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 01:38:58.0911 0x10ac MMCSS - ok 01:38:58.0940 0x10ac [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 01:38:58.0942 0x10ac Modem - ok 01:38:58.0961 0x10ac [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 01:38:58.0962 0x10ac monitor - ok 01:38:58.0991 0x10ac [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 01:38:58.0993 0x10ac mouclass - ok 01:38:59.0009 0x10ac [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\drivers\mouhid.sys 01:38:59.0011 0x10ac mouhid - ok 01:38:59.0026 0x10ac [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 01:38:59.0029 0x10ac mountmgr - ok 01:38:59.0084 0x10ac [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 01:38:59.0088 0x10ac MozillaMaintenance - ok 01:38:59.0143 0x10ac [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 01:38:59.0150 0x10ac MpFilter - ok 01:38:59.0191 0x10ac [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 01:38:59.0196 0x10ac mpio - ok 01:38:59.0220 0x10ac [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 01:38:59.0224 0x10ac mpsdrv - ok 01:38:59.0281 0x10ac [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 01:38:59.0301 0x10ac MpsSvc - ok 01:38:59.0344 0x10ac [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 01:38:59.0349 0x10ac MRxDAV - ok 01:38:59.0385 0x10ac [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 01:38:59.0390 0x10ac mrxsmb - ok 01:38:59.0406 0x10ac [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 01:38:59.0414 0x10ac mrxsmb10 - ok 01:38:59.0424 0x10ac [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 01:38:59.0428 0x10ac mrxsmb20 - ok 01:38:59.0459 0x10ac [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 01:38:59.0461 0x10ac msahci - ok 01:38:59.0486 0x10ac [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 01:38:59.0490 0x10ac msdsm - ok 01:38:59.0530 0x10ac [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 01:38:59.0536 0x10ac MSDTC - ok 01:38:59.0570 0x10ac [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 01:38:59.0572 0x10ac Msfs - ok 01:38:59.0589 0x10ac [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 01:38:59.0591 0x10ac mshidkmdf - ok 01:38:59.0612 0x10ac [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 01:38:59.0614 0x10ac msisadrv - ok 01:38:59.0646 0x10ac [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 01:38:59.0651 0x10ac MSiSCSI - ok 01:38:59.0658 0x10ac msiserver - ok 01:38:59.0680 0x10ac [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 01:38:59.0682 0x10ac MSKSSRV - ok 01:38:59.0737 0x10ac [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 01:38:59.0739 0x10ac MsMpSvc - ok 01:38:59.0761 0x10ac [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 01:38:59.0763 0x10ac MSPCLOCK - ok 01:38:59.0794 0x10ac [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 01:38:59.0796 0x10ac MSPQM - ok 01:38:59.0822 0x10ac [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 01:38:59.0832 0x10ac MsRPC - ok 01:38:59.0869 0x10ac [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 01:38:59.0871 0x10ac mssmbios - ok 01:38:59.0890 0x10ac [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 01:38:59.0891 0x10ac MSTEE - ok 01:38:59.0909 0x10ac [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 01:38:59.0911 0x10ac MTConfig - ok 01:38:59.0934 0x10ac [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 01:38:59.0937 0x10ac Mup - ok 01:38:59.0979 0x10ac [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 01:38:59.0992 0x10ac napagent - ok 01:39:00.0019 0x10ac [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 01:39:00.0028 0x10ac NativeWifiP - ok 01:39:00.0083 0x10ac [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 01:39:00.0109 0x10ac NDIS - ok 01:39:00.0130 0x10ac [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 01:39:00.0132 0x10ac NdisCap - ok 01:39:00.0153 0x10ac [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 01:39:00.0155 0x10ac NdisTapi - ok 01:39:00.0172 0x10ac [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 01:39:00.0175 0x10ac Ndisuio - ok 01:39:00.0206 0x10ac [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 01:39:00.0211 0x10ac NdisWan - ok 01:39:00.0253 0x10ac [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 01:39:00.0255 0x10ac NDProxy - ok 01:39:00.0271 0x10ac [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 01:39:00.0273 0x10ac NetBIOS - ok 01:39:00.0292 0x10ac [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 01:39:00.0299 0x10ac NetBT - ok 01:39:00.0325 0x10ac [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe 01:39:00.0328 0x10ac Netlogon - ok 01:39:00.0366 0x10ac [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 01:39:00.0376 0x10ac Netman - ok 01:39:00.0450 0x10ac [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:39:00.0509 0x10ac NetMsmqActivator - ok 01:39:00.0562 0x10ac [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:39:00.0566 0x10ac NetPipeActivator - ok 01:39:00.0615 0x10ac [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 01:39:00.0629 0x10ac netprofm - ok 01:39:00.0647 0x10ac [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:39:00.0651 0x10ac NetTcpActivator - ok 01:39:00.0659 0x10ac [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:39:00.0663 0x10ac NetTcpPortSharing - ok 01:39:00.0688 0x10ac [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 01:39:00.0691 0x10ac nfrd960 - ok 01:39:00.0746 0x10ac [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 01:39:00.0750 0x10ac NisDrv - ok 01:39:00.0781 0x10ac [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 01:39:00.0790 0x10ac NisSrv - ok 01:39:00.0830 0x10ac [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 01:39:00.0838 0x10ac NlaSvc - ok 01:39:00.0871 0x10ac [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
It seems nothing was detected. Should I restart? -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 4/9/2014 Scan Time: 4:54:51 AM Logfile: Administrator: Yes Version: 2.00.1.1004 Malware Database: v2014.04.09.03 Rootkit Database: v2014.03.27.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Chameleon: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: walmart Scan Type: Custom Scan Result: Completed Objects Scanned: 199919 Time Elapsed: 23 min, 57 sec Memory: Disabled Startup: Disabled Filesystem: Disabled Archives: Disabled Rootkits: Enabled Deep Rootkit Scan: Enabled Shuriken: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 1 Forged physical sector, Physical Sector #625142190 on Drive #0, No Action By User, [de03fe65a6765caa8c91343acc62cffc], (end) -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
03:17:38.0245 0x0824 KSecPkg - ok 03:17:38.0284 0x0824 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 03:17:38.0286 0x0824 ksthunk - ok 03:17:38.0325 0x0824 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 03:17:38.0337 0x0824 KtmRm - ok 03:17:38.0371 0x0824 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 03:17:38.0380 0x0824 LanmanServer - ok 03:17:38.0400 0x0824 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 03:17:38.0408 0x0824 LanmanWorkstation - ok 03:17:38.0440 0x0824 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 03:17:38.0442 0x0824 lltdio - ok 03:17:38.0482 0x0824 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 03:17:38.0492 0x0824 lltdsvc - ok 03:17:38.0538 0x0824 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 03:17:38.0542 0x0824 lmhosts - ok 03:17:38.0567 0x0824 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 03:17:38.0571 0x0824 LSI_FC - ok 03:17:38.0600 0x0824 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 03:17:38.0604 0x0824 LSI_SAS - ok 03:17:38.0619 0x0824 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 03:17:38.0622 0x0824 LSI_SAS2 - ok 03:17:38.0640 0x0824 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 03:17:38.0644 0x0824 LSI_SCSI - ok 03:17:38.0669 0x0824 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 03:17:38.0673 0x0824 luafv - ok 03:17:38.0729 0x0824 [ FD5465B876D55534117963FAAA4B9DFC, 63A822A1EEEC42C30CCC9477431E310E3D360489A68BBCD805124681F21C0B6B ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 03:17:38.0731 0x0824 MBAMProtector - ok 03:17:38.0855 0x0824 [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe 03:17:38.0894 0x0824 MBAMScheduler - ok 03:17:38.0970 0x0824 [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe 03:17:38.0989 0x0824 MBAMService - ok 03:17:39.0061 0x0824 [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 03:17:39.0065 0x0824 MBAMSwissArmy - ok 03:17:39.0113 0x0824 [ C49915271600CFC2305FAA4271D0002F, 8412989C50579C79F27E4F9B178B2FF944C8F221AD70D213279D888F5449F868 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 03:17:39.0115 0x0824 MBAMWebAccessControl - ok 03:17:39.0153 0x0824 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 03:17:39.0158 0x0824 Mcx2Svc - ok 03:17:39.0190 0x0824 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 03:17:39.0193 0x0824 megasas - ok 03:17:39.0216 0x0824 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 03:17:39.0224 0x0824 MegaSR - ok 03:17:39.0252 0x0824 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 03:17:39.0256 0x0824 MMCSS - ok 03:17:39.0285 0x0824 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 03:17:39.0287 0x0824 Modem - ok 03:17:39.0305 0x0824 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 03:17:39.0307 0x0824 monitor - ok 03:17:39.0335 0x0824 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 03:17:39.0338 0x0824 mouclass - ok 03:17:39.0353 0x0824 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\drivers\mouhid.sys 03:17:39.0355 0x0824 mouhid - ok 03:17:39.0369 0x0824 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 03:17:39.0373 0x0824 mountmgr - ok 03:17:39.0429 0x0824 [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 03:17:39.0432 0x0824 MozillaMaintenance - ok 03:17:39.0469 0x0824 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 03:17:39.0474 0x0824 mpio - ok 03:17:39.0498 0x0824 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 03:17:39.0501 0x0824 mpsdrv - ok 03:17:39.0559 0x0824 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 03:17:39.0583 0x0824 MpsSvc - ok 03:17:39.0622 0x0824 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 03:17:39.0627 0x0824 MRxDAV - ok 03:17:39.0674 0x0824 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 03:17:39.0679 0x0824 mrxsmb - ok 03:17:39.0695 0x0824 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 03:17:39.0703 0x0824 mrxsmb10 - ok 03:17:39.0713 0x0824 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 03:17:39.0718 0x0824 mrxsmb20 - ok 03:17:39.0748 0x0824 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 03:17:39.0750 0x0824 msahci - ok 03:17:39.0774 0x0824 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 03:17:39.0780 0x0824 msdsm - ok 03:17:39.0819 0x0824 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 03:17:39.0826 0x0824 MSDTC - ok 03:17:39.0859 0x0824 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 03:17:39.0861 0x0824 Msfs - ok 03:17:39.0878 0x0824 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 03:17:39.0880 0x0824 mshidkmdf - ok 03:17:39.0901 0x0824 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 03:17:39.0903 0x0824 msisadrv - ok 03:17:39.0935 0x0824 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 03:17:39.0941 0x0824 MSiSCSI - ok 03:17:39.0947 0x0824 msiserver - ok 03:17:39.0969 0x0824 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 03:17:39.0980 0x0824 MSKSSRV - ok 03:17:39.0995 0x0824 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 03:17:39.0996 0x0824 MSPCLOCK - ok 03:17:40.0016 0x0824 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 03:17:40.0018 0x0824 MSPQM - ok 03:17:40.0044 0x0824 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 03:17:40.0054 0x0824 MsRPC - ok 03:17:40.0092 0x0824 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 03:17:40.0094 0x0824 mssmbios - ok 03:17:40.0112 0x0824 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 03:17:40.0124 0x0824 MSTEE - ok 03:17:40.0142 0x0824 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 03:17:40.0144 0x0824 MTConfig - ok 03:17:40.0168 0x0824 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 03:17:40.0170 0x0824 Mup - ok 03:17:40.0213 0x0824 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 03:17:40.0227 0x0824 napagent - ok 03:17:40.0253 0x0824 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 03:17:40.0262 0x0824 NativeWifiP - ok 03:17:40.0340 0x0824 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 03:17:40.0365 0x0824 NDIS - ok 03:17:40.0397 0x0824 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 03:17:40.0399 0x0824 NdisCap - ok 03:17:40.0419 0x0824 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 03:17:40.0421 0x0824 NdisTapi - ok 03:17:40.0439 0x0824 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 03:17:40.0442 0x0824 Ndisuio - ok 03:17:40.0452 0x0824 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 03:17:40.0457 0x0824 NdisWan - ok 03:17:40.0475 0x0824 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 03:17:40.0478 0x0824 NDProxy - ok 03:17:40.0493 0x0824 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 03:17:40.0496 0x0824 NetBIOS - ok 03:17:40.0514 0x0824 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 03:17:40.0522 0x0824 NetBT - ok 03:17:40.0548 0x0824 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe 03:17:40.0551 0x0824 Netlogon - ok 03:17:40.0600 0x0824 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 03:17:40.0612 0x0824 Netman - ok 03:17:40.0637 0x0824 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 03:17:40.0651 0x0824 netprofm - ok 03:17:40.0681 0x0824 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 03:17:40.0685 0x0824 NetTcpPortSharing - ok 03:17:40.0699 0x0824 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 03:17:40.0702 0x0824 nfrd960 - ok 03:17:40.0741 0x0824 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 03:17:40.0751 0x0824 NlaSvc - ok 03:17:40.0783 0x0824 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 03:17:40.0785 0x0824 Npfs - ok 03:17:40.0815 0x0824 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 03:17:40.0819 0x0824 nsi - ok 03:17:40.0836 0x0824 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 03:17:40.0837 0x0824 nsiproxy - ok 03:17:40.0922 0x0824 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 03:17:40.0979 0x0824 Ntfs - ok 03:17:41.0009 0x0824 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 03:17:41.0010 0x0824 Null - ok 03:17:41.0036 0x0824 [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 03:17:41.0048 0x0824 NVENETFD - ok 03:17:41.0068 0x0824 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 03:17:41.0073 0x0824 nvraid - ok 03:17:41.0103 0x0824 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 03:17:41.0108 0x0824 nvstor - ok 03:17:41.0145 0x0824 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 03:17:41.0149 0x0824 nv_agp - ok 03:17:41.0171 0x0824 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 03:17:41.0174 0x0824 ohci1394 - ok 03:17:41.0210 0x0824 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 03:17:41.0216 0x0824 ose - ok 03:17:41.0417 0x0824 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 03:17:41.0577 0x0824 osppsvc - ok 03:17:41.0618 0x0824 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 03:17:41.0628 0x0824 p2pimsvc - ok 03:17:41.0652 0x0824 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 03:17:41.0666 0x0824 p2psvc - ok 03:17:41.0692 0x0824 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 03:17:41.0696 0x0824 Parport - ok 03:17:41.0724 0x0824 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 03:17:41.0727 0x0824 partmgr - ok 03:17:41.0751 0x0824 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 03:17:41.0759 0x0824 PcaSvc - ok 03:17:41.0770 0x0824 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 03:17:41.0776 0x0824 pci - ok 03:17:41.0800 0x0824 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 03:17:41.0801 0x0824 pciide - ok 03:17:41.0832 0x0824 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 03:17:41.0838 0x0824 pcmcia - ok 03:17:41.0870 0x0824 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 03:17:41.0873 0x0824 pcw - ok 03:17:41.0906 0x0824 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 03:17:41.0924 0x0824 PEAUTH - ok 03:17:41.0985 0x0824 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 03:17:41.0988 0x0824 PerfHost - ok 03:17:42.0070 0x0824 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 03:17:42.0108 0x0824 pla - ok 03:17:42.0150 0x0824 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 03:17:42.0164 0x0824 PlugPlay - ok 03:17:42.0179 0x0824 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 03:17:42.0183 0x0824 PNRPAutoReg - ok 03:17:42.0218 0x0824 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 03:17:42.0228 0x0824 PNRPsvc - ok 03:17:42.0280 0x0824 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 03:17:42.0295 0x0824 PolicyAgent - ok 03:17:42.0331 0x0824 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 03:17:42.0340 0x0824 Power - ok 03:17:42.0369 0x0824 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 03:17:42.0373 0x0824 PptpMiniport - ok 03:17:42.0393 0x0824 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 03:17:42.0396 0x0824 Processor - ok 03:17:42.0429 0x0824 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 03:17:42.0437 0x0824 ProfSvc - ok 03:17:42.0459 0x0824 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe 03:17:42.0462 0x0824 ProtectedStorage - ok 03:17:42.0491 0x0824 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 03:17:42.0495 0x0824 Psched - ok 03:17:42.0573 0x0824 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 03:17:42.0613 0x0824 ql2300 - ok 03:17:42.0647 0x0824 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 03:17:42.0652 0x0824 ql40xx - ok 03:17:42.0683 0x0824 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 03:17:42.0693 0x0824 QWAVE - ok 03:17:42.0727 0x0824 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 03:17:42.0729 0x0824 QWAVEdrv - ok 03:17:42.0752 0x0824 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 03:17:42.0753 0x0824 RasAcd - ok 03:17:42.0774 0x0824 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 03:17:42.0777 0x0824 RasAgileVpn - ok 03:17:42.0797 0x0824 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 03:17:42.0804 0x0824 RasAuto - ok 03:17:42.0814 0x0824 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 03:17:42.0818 0x0824 Rasl2tp - ok 03:17:42.0850 0x0824 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 03:17:42.0863 0x0824 RasMan - ok 03:17:42.0872 0x0824 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 03:17:42.0875 0x0824 RasPppoe - ok 03:17:42.0891 0x0824 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 03:17:42.0895 0x0824 RasSstp - ok 03:17:42.0935 0x0824 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 03:17:42.0944 0x0824 rdbss - ok 03:17:42.0961 0x0824 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 03:17:42.0963 0x0824 rdpbus - ok 03:17:42.0977 0x0824 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 03:17:42.0979 0x0824 RDPCDD - ok 03:17:42.0988 0x0824 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 03:17:42.0989 0x0824 RDPENCDD - ok 03:17:43.0000 0x0824 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 03:17:43.0001 0x0824 RDPREFMP - ok 03:17:43.0038 0x0824 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 03:17:43.0045 0x0824 RDPWD - ok 03:17:43.0075 0x0824 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 03:17:43.0082 0x0824 rdyboost - ok 03:17:43.0126 0x0824 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 03:17:43.0131 0x0824 RemoteAccess - ok 03:17:43.0164 0x0824 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 03:17:43.0172 0x0824 RemoteRegistry - ok 03:17:43.0215 0x0824 [ 085D18C71AB2611A3D61528132B6501E, 2AD2DD88EBD8C498E3043CDAA37E83C69F7FE2FD6B65524F631527555B80C112 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe 03:17:43.0226 0x0824 RoxioNow Service - ok 03:17:43.0247 0x0824 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 03:17:43.0252 0x0824 RpcEptMapper - ok 03:17:43.0273 0x0824 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 03:17:43.0276 0x0824 RpcLocator - ok 03:17:43.0308 0x0824 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 03:17:43.0322 0x0824 RpcSs - ok 03:17:43.0410 0x0824 [ 7BFDFD1D2244B444D7BBC55087426518, 06DF03A734A8A1956C842E30B4A1F143CD59B2DD09E0F8F01E6B4CE2A3D1D418 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 03:17:43.0419 0x0824 RSPCIESTOR - ok 03:17:43.0453 0x0824 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 03:17:43.0456 0x0824 rspndr - ok 03:17:43.0524 0x0824 [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 03:17:43.0532 0x0824 RtkAudioService - ok 03:17:43.0619 0x0824 [ AC4CA62572CA516945AB92D6C9F501F4, 6CB4178DD1ED3D8224EA1F91CAA00AFBC756DCA2DFD71F399B05E511E79D5150 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 03:17:43.0642 0x0824 RTL8167 - ok 03:17:43.0725 0x0824 [ 177963A6EEBAA9EF3B56A2DBE9D5D0FC, 908E71F2F2CB6595B2E14EF6BB526114CFFBBFCB1D6AB6672DE9917F4C515419 ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys 03:17:43.0755 0x0824 RTL8192Ce - ok 03:17:43.0781 0x0824 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe 03:17:43.0784 0x0824 SamSs - ok 03:17:43.0818 0x0824 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 03:17:43.0822 0x0824 sbp2port - ok 03:17:43.0858 0x0824 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 03:17:43.0867 0x0824 SCardSvr - ok 03:17:43.0887 0x0824 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 03:17:43.0889 0x0824 scfilter - ok 03:17:43.0942 0x0824 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 03:17:43.0969 0x0824 Schedule - ok 03:17:44.0009 0x0824 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 03:17:44.0011 0x0824 SCPolicySvc - ok 03:17:44.0030 0x0824 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 03:17:44.0034 0x0824 sdbus - ok 03:17:44.0064 0x0824 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 03:17:44.0072 0x0824 SDRSVC - ok 03:17:44.0085 0x0824 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 03:17:44.0087 0x0824 secdrv - ok 03:17:44.0109 0x0824 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 03:17:44.0114 0x0824 seclogon - ok 03:17:44.0133 0x0824 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 03:17:44.0139 0x0824 SENS - ok 03:17:44.0145 0x0824 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 03:17:44.0151 0x0824 SensrSvc - ok 03:17:44.0170 0x0824 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 03:17:44.0172 0x0824 Serenum - ok 03:17:44.0205 0x0824 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 03:17:44.0209 0x0824 Serial - ok 03:17:44.0250 0x0824 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 03:17:44.0252 0x0824 sermouse - ok 03:17:44.0296 0x0824 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 03:17:44.0303 0x0824 SessionEnv - ok 03:17:44.0328 0x0824 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 03:17:44.0330 0x0824 sffdisk - ok 03:17:44.0350 0x0824 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 03:17:44.0352 0x0824 sffp_mmc - ok 03:17:44.0379 0x0824 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 03:17:44.0381 0x0824 sffp_sd - ok 03:17:44.0389 0x0824 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 03:17:44.0390 0x0824 sfloppy - ok 03:17:44.0439 0x0824 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 03:17:44.0459 0x0824 Sftfs - ok 03:17:44.0530 0x0824 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 03:17:44.0544 0x0824 sftlist - ok 03:17:44.0581 0x0824 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 03:17:44.0589 0x0824 Sftplay - ok 03:17:44.0608 0x0824 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 03:17:44.0610 0x0824 Sftredir - ok 03:17:44.0631 0x0824 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 03:17:44.0633 0x0824 Sftvol - ok 03:17:44.0666 0x0824 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 03:17:44.0672 0x0824 sftvsa - ok 03:17:44.0728 0x0824 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 03:17:44.0740 0x0824 SharedAccess - ok 03:17:44.0783 0x0824 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 03:17:44.0795 0x0824 ShellHWDetection - ok 03:17:44.0815 0x0824 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 03:17:44.0818 0x0824 SiSRaid2 - ok 03:17:44.0852 0x0824 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 03:17:44.0855 0x0824 SiSRaid4 - ok 03:17:44.0881 0x0824 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 03:17:44.0884 0x0824 Smb - ok 03:17:44.0914 0x0824 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 03:17:44.0918 0x0824 SNMPTRAP - ok 03:17:44.0938 0x0824 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 03:17:44.0940 0x0824 spldr - ok 03:17:44.0975 0x0824 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 03:17:44.0990 0x0824 Spooler - ok 03:17:45.0116 0x0824 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 03:17:45.0207 0x0824 sppsvc - ok 03:17:45.0242 0x0824 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 03:17:45.0248 0x0824 sppuinotify - ok 03:17:45.0284 0x0824 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 03:17:45.0297 0x0824 srv - ok 03:17:45.0324 0x0824 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 03:17:45.0335 0x0824 srv2 - ok 03:17:45.0370 0x0824 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 03:17:45.0378 0x0824 SrvHsfHDA - ok 03:17:45.0453 0x0824 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 03:17:45.0492 0x0824 SrvHsfV92 - ok 03:17:45.0539 0x0824 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 03:17:45.0559 0x0824 SrvHsfWinac - ok 03:17:45.0593 0x0824 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 03:17:45.0599 0x0824 srvnet - ok 03:17:45.0645 0x0824 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 03:17:45.0653 0x0824 SSDPSRV - ok 03:17:45.0667 0x0824 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 03:17:45.0674 0x0824 SstpSvc - ok 03:17:45.0695 0x0824 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 03:17:45.0698 0x0824 stexstor - ok 03:17:45.0726 0x0824 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 03:17:45.0743 0x0824 stisvc - ok 03:17:45.0768 0x0824 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 03:17:45.0770 0x0824 swenum - ok 03:17:45.0814 0x0824 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 03:17:45.0831 0x0824 swprv - ok 03:17:45.0886 0x0824 [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 03:17:45.0897 0x0824 SynTP - ok 03:17:45.0974 0x0824 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 03:17:46.0015 0x0824 SysMain - ok 03:17:46.0052 0x0824 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 03:17:46.0058 0x0824 TabletInputService - ok 03:17:46.0088 0x0824 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 03:17:46.0100 0x0824 TapiSrv - ok 03:17:46.0120 0x0824 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 03:17:46.0126 0x0824 TBS - ok 03:17:46.0271 0x0824 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys 03:17:46.0322 0x0824 Tcpip - ok 03:17:46.0386 0x0824 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 03:17:46.0429 0x0824 TCPIP6 - ok 03:17:46.0470 0x0824 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 03:17:46.0472 0x0824 tcpipreg - ok 03:17:46.0498 0x0824 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 03:17:46.0500 0x0824 TDPIPE - ok 03:17:46.0523 0x0824 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 03:17:46.0525 0x0824 TDTCP - ok 03:17:46.0547 0x0824 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 03:17:46.0551 0x0824 tdx - ok 03:17:46.0569 0x0824 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 03:17:46.0572 0x0824 TermDD - ok 03:17:46.0625 0x0824 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 03:17:46.0643 0x0824 TermService - ok 03:17:46.0665 0x0824 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 03:17:46.0671 0x0824 Themes - ok 03:17:46.0685 0x0824 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 03:17:46.0689 0x0824 THREADORDER - ok 03:17:46.0701 0x0824 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 03:17:46.0708 0x0824 TrkWks - ok 03:17:46.0759 0x0824 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 03:17:46.0765 0x0824 TrustedInstaller - ok 03:17:46.0808 0x0824 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 03:17:46.0810 0x0824 tssecsrv - ok 03:17:46.0849 0x0824 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 03:17:46.0851 0x0824 TsUsbFlt - ok 03:17:46.0867 0x0824 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 03:17:46.0869 0x0824 TsUsbGD - ok 03:17:46.0890 0x0824 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 03:17:46.0895 0x0824 tunnel - ok 03:17:46.0919 0x0824 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 03:17:46.0922 0x0824 uagp35 - ok 03:17:46.0953 0x0824 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 03:17:46.0963 0x0824 udfs - ok 03:17:46.0999 0x0824 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 03:17:47.0005 0x0824 UI0Detect - ok 03:17:47.0027 0x0824 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 03:17:47.0030 0x0824 uliagpkx - ok 03:17:47.0058 0x0824 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 03:17:47.0060 0x0824 umbus - ok 03:17:47.0091 0x0824 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 03:17:47.0093 0x0824 UmPass - ok 03:17:47.0122 0x0824 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 03:17:47.0134 0x0824 upnphost - ok 03:17:47.0167 0x0824 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 03:17:47.0171 0x0824 usbccgp - ok 03:17:47.0193 0x0824 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 03:17:47.0197 0x0824 usbcir - ok 03:17:47.0214 0x0824 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 03:17:47.0217 0x0824 usbehci - ok 03:17:47.0243 0x0824 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 03:17:47.0253 0x0824 usbhub - ok 03:17:47.0273 0x0824 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 03:17:47.0275 0x0824 usbohci - ok 03:17:47.0298 0x0824 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 03:17:47.0300 0x0824 usbprint - ok 03:17:47.0318 0x0824 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 03:17:47.0323 0x0824 USBSTOR - ok 03:17:47.0360 0x0824 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 03:17:47.0362 0x0824 usbuhci - ok 03:17:47.0406 0x0824 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 03:17:47.0412 0x0824 usbvideo - ok 03:17:47.0441 0x0824 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 03:17:47.0447 0x0824 UxSms - ok 03:17:47.0470 0x0824 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe 03:17:47.0473 0x0824 VaultSvc - ok 03:17:47.0495 0x0824 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 03:17:47.0497 0x0824 vdrvroot - ok 03:17:47.0530 0x0824 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 03:17:47.0547 0x0824 vds - ok 03:17:47.0582 0x0824 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 03:17:47.0584 0x0824 vga - ok 03:17:47.0598 0x0824 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 03:17:47.0600 0x0824 VgaSave - ok 03:17:47.0629 0x0824 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 03:17:47.0635 0x0824 vhdmp - ok 03:17:47.0669 0x0824 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 03:17:47.0671 0x0824 viaide - ok 03:17:47.0707 0x0824 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 03:17:47.0711 0x0824 volmgr - ok 03:17:47.0735 0x0824 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 03:17:47.0745 0x0824 volmgrx - ok 03:17:47.0773 0x0824 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 03:17:47.0782 0x0824 volsnap - ok 03:17:47.0809 0x0824 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 03:17:47.0814 0x0824 vsmraid - ok 03:17:47.0894 0x0824 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 03:17:47.0939 0x0824 VSS - ok 03:17:47.0970 0x0824 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 03:17:47.0972 0x0824 vwifibus - ok 03:17:47.0989 0x0824 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 03:17:47.0992 0x0824 vwififlt - ok 03:17:48.0026 0x0824 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 03:17:48.0038 0x0824 W32Time - ok 03:17:48.0057 0x0824 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 03:17:48.0060 0x0824 WacomPen - ok 03:17:48.0068 0x0824 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 03:17:48.0072 0x0824 WANARP - ok 03:17:48.0093 0x0824 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 03:17:48.0096 0x0824 Wanarpv6 - ok 03:17:48.0166 0x0824 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 03:17:48.0200 0x0824 WatAdminSvc - ok 03:17:48.0276 0x0824 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 03:17:48.0318 0x0824 wbengine - ok 03:17:48.0353 0x0824 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 03:17:48.0362 0x0824 WbioSrvc - ok 03:17:48.0386 0x0824 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 03:17:48.0399 0x0824 wcncsvc - ok 03:17:48.0431 0x0824 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 03:17:48.0436 0x0824 WcsPlugInService - ok 03:17:48.0460 0x0824 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 03:17:48.0462 0x0824 Wd - ok 03:17:48.0519 0x0824 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 03:17:48.0543 0x0824 Wdf01000 - ok 03:17:48.0564 0x0824 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 03:17:48.0571 0x0824 WdiServiceHost - ok 03:17:48.0579 0x0824 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 03:17:48.0585 0x0824 WdiSystemHost - ok 03:17:48.0628 0x0824 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 03:17:48.0638 0x0824 WebClient - ok 03:17:48.0685 0x0824 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 03:17:48.0695 0x0824 Wecsvc - ok 03:17:48.0710 0x0824 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 03:17:48.0716 0x0824 wercplsupport - ok 03:17:48.0734 0x0824 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 03:17:48.0740 0x0824 WerSvc - ok 03:17:48.0765 0x0824 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 03:17:48.0766 0x0824 WfpLwf - ok 03:17:48.0785 0x0824 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 03:17:48.0787 0x0824 WIMMount - ok 03:17:48.0817 0x0824 WinDefend - ok 03:17:48.0825 0x0824 WinHttpAutoProxySvc - ok 03:17:48.0876 0x0824 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 03:17:48.0884 0x0824 Winmgmt - ok 03:17:48.0976 0x0824 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 03:17:49.0030 0x0824 WinRM - ok 03:17:49.0084 0x0824 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 03:17:49.0087 0x0824 WinUsb - ok 03:17:49.0133 0x0824 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 03:17:49.0156 0x0824 Wlansvc - ok 03:17:49.0195 0x0824 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 03:17:49.0198 0x0824 wlcrasvc - ok 03:17:49.0299 0x0824 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 03:17:49.0357 0x0824 wlidsvc - ok 03:17:49.0401 0x0824 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 03:17:49.0402 0x0824 WmiAcpi - ok 03:17:49.0447 0x0824 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 03:17:49.0453 0x0824 wmiApSrv - ok 03:17:49.0483 0x0824 WMPNetworkSvc - ok 03:17:49.0511 0x0824 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 03:17:49.0516 0x0824 WPCSvc - ok 03:17:49.0530 0x0824 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 03:17:49.0538 0x0824 WPDBusEnum - ok 03:17:49.0567 0x0824 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 03:17:49.0569 0x0824 ws2ifsl - ok 03:17:49.0584 0x0824 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 03:17:49.0592 0x0824 wscsvc - ok 03:17:49.0598 0x0824 WSearch - ok 03:17:49.0707 0x0824 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 03:17:49.0771 0x0824 wuauserv - ok 03:17:49.0812 0x0824 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 03:17:49.0815 0x0824 WudfPf - ok 03:17:49.0840 0x0824 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 03:17:49.0847 0x0824 WUDFRd - ok 03:17:49.0865 0x0824 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 03:17:49.0873 0x0824 wudfsvc - ok 03:17:49.0906 0x0824 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 03:17:49.0917 0x0824 WwanSvc - ok 03:17:49.0927 0x0824 ================ Scan global =============================== 03:17:49.0979 0x0824 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 03:17:50.0021 0x0824 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 03:17:50.0039 0x0824 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 03:17:50.0072 0x0824 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 03:17:50.0115 0x0824 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 03:17:50.0126 0x0824 [ Global ] - ok 03:17:50.0127 0x0824 ================ Scan MBR ================================== 03:17:50.0143 0x0824 [ C3C93F1CA51BBACBABEA804D2CC62CA1 ] \Device\Harddisk0\DR0 03:17:50.0144 0x0824 Suspicious mbr (Forged): \Device\Harddisk0\DR0 03:17:50.0246 0x0824 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a ( 0 ) 03:17:50.0246 0x0824 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected 03:17:52.0761 0x0824 ================ Scan VBR ================================== 03:17:52.0852 0x0824 [ 5D4E390FFF451DB24DA20AE32DD517C4 ] \Device\Harddisk0\DR0\Partition1 03:17:52.0853 0x0824 \Device\Harddisk0\DR0\Partition1 - ok 03:17:52.0866 0x0824 [ 209C31F802055ABE95109F1DB49143DC ] \Device\Harddisk0\DR0\Partition2 03:17:52.0868 0x0824 \Device\Harddisk0\DR0\Partition2 - ok 03:17:52.0895 0x0824 [ B6DBB97E5B76B359CD024E79D8E00344 ] \Device\Harddisk0\DR0\Partition3 03:17:52.0897 0x0824 \Device\Harddisk0\DR0\Partition3 - ok 03:17:52.0912 0x0824 [ 0A5BE981B0FFD8E59527DEB079BD397B ] \Device\Harddisk0\DR0\Partition4 03:17:52.0913 0x0824 \Device\Harddisk0\DR0\Partition4 - ok 03:17:52.0914 0x0824 Waiting for KSN requests completion. In queue: 28 03:17:53.0914 0x0824 Waiting for KSN requests completion. In queue: 28 03:17:54.0915 0x0824 Waiting for KSN requests completion. In queue: 28 03:17:56.0009 0x0824 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2016.330 ), 0x41000 ( enabled : updated ) 03:17:56.0146 0x0824 Win FW state via NFP2: enabled 03:17:58.0667 0x0824 ============================================================ 03:17:58.0667 0x0824 Scan finished 03:17:58.0667 0x0824 ============================================================ 03:17:58.0678 0x0980 Detected object count: 1 03:17:58.0678 0x0980 Actual detected object count: 1 -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
03:17:00.0146 0x1500 TDSS rootkit removing tool 3.0.0.30 Apr 7 2014 15:39:12 03:17:04.0901 0x1500 ============================================================ 03:17:04.0901 0x1500 Current date / time: 2014/04/09 03:17:04.0901 03:17:04.0901 0x1500 SystemInfo: 03:17:04.0901 0x1500 03:17:04.0901 0x1500 OS Version: 6.1.7601 ServicePack: 1.0 03:17:04.0901 0x1500 Product type: Workstation 03:17:04.0901 0x1500 ComputerName: WALMART-HP 03:17:04.0901 0x1500 UserName: walmart 03:17:04.0901 0x1500 Windows directory: C:\Windows 03:17:04.0901 0x1500 System windows directory: C:\Windows 03:17:04.0901 0x1500 Running under WOW64 03:17:04.0901 0x1500 Processor architecture: Intel x64 03:17:04.0901 0x1500 Number of processors: 2 03:17:04.0901 0x1500 Page size: 0x1000 03:17:04.0901 0x1500 Boot type: Normal boot 03:17:04.0901 0x1500 ============================================================ 03:17:05.0198 0x1500 KLMD registered as C:\Windows\system32\drivers\49512773.sys 03:17:05.0980 0x1500 System UUID: {F2E90BC9-A548-FF9E-AC89-A246D26B8FE3} 03:17:07.0132 0x1500 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 03:17:07.0139 0x1500 ============================================================ 03:17:07.0139 0x1500 \Device\Harddisk0\DR0: 03:17:07.0139 0x1500 MBR partitions: 03:17:07.0139 0x1500 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 03:17:07.0140 0x1500 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800 03:17:07.0140 0x1500 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000 03:17:07.0140 0x1500 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0 03:17:07.0140 0x1500 ============================================================ 03:17:07.0167 0x1500 C: <-> \Device\Harddisk0\DR0\Partition2 03:17:07.0211 0x1500 D: <-> \Device\Harddisk0\DR0\Partition3 03:17:07.0224 0x1500 F: <-> \Device\Harddisk0\DR0\Partition4 03:17:07.0224 0x1500 ============================================================ 03:17:07.0224 0x1500 Initialize success 03:17:07.0224 0x1500 ============================================================ 03:17:25.0474 0x0824 ============================================================ 03:17:25.0475 0x0824 Scan started 03:17:25.0475 0x0824 Mode: Manual; 03:17:25.0475 0x0824 ============================================================ 03:17:25.0475 0x0824 KSN ping started 03:17:27.0999 0x0824 KSN ping finished: true 03:17:28.0778 0x0824 ================ Scan system memory ======================== 03:17:28.0778 0x0824 System memory - ok 03:17:28.0778 0x0824 ================ Scan services ============================= 03:17:28.0962 0x0824 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 03:17:28.0969 0x0824 1394ohci - ok 03:17:29.0040 0x0824 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 03:17:29.0048 0x0824 ACPI - ok 03:17:29.0091 0x0824 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 03:17:29.0093 0x0824 AcpiPmi - ok 03:17:29.0191 0x0824 [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 03:17:29.0198 0x0824 AdobeFlashPlayerUpdateSvc - ok 03:17:29.0252 0x0824 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 03:17:29.0266 0x0824 adp94xx - ok 03:17:29.0308 0x0824 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 03:17:29.0318 0x0824 adpahci - ok 03:17:29.0346 0x0824 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 03:17:29.0352 0x0824 adpu320 - ok 03:17:29.0393 0x0824 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 03:17:29.0396 0x0824 AeLookupSvc - ok 03:17:29.0530 0x0824 [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 03:17:29.0533 0x0824 AERTFilters - ok 03:17:29.0887 0x0824 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys 03:17:29.0901 0x0824 AFD - ok 03:17:29.0948 0x0824 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 03:17:29.0951 0x0824 agp440 - ok 03:17:29.0977 0x0824 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 03:17:29.0981 0x0824 ALG - ok 03:17:30.0003 0x0824 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 03:17:30.0005 0x0824 aliide - ok 03:17:30.0027 0x0824 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 03:17:30.0028 0x0824 amdide - ok 03:17:30.0052 0x0824 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 03:17:30.0055 0x0824 AmdK8 - ok 03:17:30.0077 0x0824 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 03:17:30.0080 0x0824 AmdPPM - ok 03:17:30.0117 0x0824 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 03:17:30.0121 0x0824 amdsata - ok 03:17:30.0160 0x0824 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 03:17:30.0167 0x0824 amdsbs - ok 03:17:30.0212 0x0824 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 03:17:30.0214 0x0824 amdxata - ok 03:17:30.0240 0x0824 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 03:17:30.0243 0x0824 AppID - ok 03:17:30.0275 0x0824 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 03:17:30.0277 0x0824 AppIDSvc - ok 03:17:30.0320 0x0824 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 03:17:30.0323 0x0824 Appinfo - ok 03:17:30.0367 0x0824 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 03:17:30.0371 0x0824 arc - ok 03:17:30.0399 0x0824 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 03:17:30.0403 0x0824 arcsas - ok 03:17:30.0503 0x0824 [ 8BE618EB795A87DBFD1E09DA63F009C7, 87443A8DB2B4CA4CCA280E0BBB3EAFBD218F7B0B6485C304CAA6B0BFDCBEB3EC ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 03:17:30.0689 0x0824 aswMonFlt - ok 03:17:30.0746 0x0824 [ D4259F75734EBCC8D815753B09EB2F0A, 93E06432F3E74B4CE606F4BECB80D11580FB72832630164427F36BD62C467103 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys 03:17:30.0749 0x0824 aswRdr - ok 03:17:30.0788 0x0824 [ 8D4B8BF93C65BDBC133B20706A3B5208, BBCC103F722434DE38FD4D3DF8D543478405E139C5923B0EDFBA80A6C2762AB2 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 03:17:30.0957 0x0824 aswRvrt - ok 03:17:31.0047 0x0824 [ AA0D1B47BE967E1E17301DDFB66C432C, 0283A503D9875C7D51288FAD28BC3F44E4637EDBBBFD968E51D4D505E3AE97B1 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 03:17:31.0075 0x0824 aswSnx - ok 03:17:31.0130 0x0824 [ 15C6B7D20EE0E44A4DF82183A89CCFC2, 8CCE561CF25A6ED686DDD15C6041B29A82EF52247AFAD937EA5ADBA61C6A18AF ] aswSP C:\Windows\system32\drivers\aswSP.sys 03:17:31.0142 0x0824 aswSP - ok 03:17:31.0180 0x0824 [ 81FA56F29440406A7264CBD7B1C7CB29, 704FAC64596D949C2F83AEE9E3B235CB3E9240EEF310361691CB213A30341141 ] aswStm C:\Windows\system32\drivers\aswStm.sys 03:17:31.0183 0x0824 aswStm - ok 03:17:31.0201 0x0824 [ 0606875650850B0697D662934529F6FC, BC0D7B83888F88966F2DFC0BC26D038290FFBA83079DC7C3B67272557DA3E25D ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 03:17:31.0208 0x0824 aswVmm - ok 03:17:31.0228 0x0824 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 03:17:31.0229 0x0824 AsyncMac - ok 03:17:31.0255 0x0824 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 03:17:31.0257 0x0824 atapi - ok 03:17:31.0299 0x0824 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 03:17:31.0314 0x0824 AudioEndpointBuilder - ok 03:17:31.0339 0x0824 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 03:17:31.0355 0x0824 AudioSrv - ok 03:17:31.0497 0x0824 [ BEA8D0FA8805CC2E6BB49728166699C7, 9A574A1E79DC2D472877443A92ACDA57A1206A2DAB3AF9110C844944EDC9D797 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 03:17:31.0499 0x0824 avast! Antivirus - ok 03:17:31.0523 0x0824 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 03:17:31.0527 0x0824 AxInstSV - ok 03:17:31.0577 0x0824 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 03:17:31.0590 0x0824 b06bdrv - ok 03:17:31.0627 0x0824 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 03:17:31.0635 0x0824 b57nd60a - ok 03:17:31.0701 0x0824 [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 03:17:31.0734 0x0824 BCM43XX - ok 03:17:31.0768 0x0824 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 03:17:31.0772 0x0824 BDESVC - ok 03:17:31.0786 0x0824 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 03:17:31.0787 0x0824 Beep - ok 03:17:31.0828 0x0824 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 03:17:31.0847 0x0824 BFE - ok 03:17:31.0921 0x0824 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 03:17:31.0976 0x0824 BITS - ok 03:17:32.0009 0x0824 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 03:17:32.0011 0x0824 blbdrive - ok 03:17:32.0038 0x0824 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 03:17:32.0041 0x0824 bowser - ok 03:17:32.0069 0x0824 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 03:17:32.0070 0x0824 BrFiltLo - ok 03:17:32.0090 0x0824 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 03:17:32.0091 0x0824 BrFiltUp - ok 03:17:32.0125 0x0824 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 03:17:32.0130 0x0824 Browser - ok 03:17:32.0152 0x0824 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 03:17:32.0160 0x0824 Brserid - ok 03:17:32.0173 0x0824 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 03:17:32.0177 0x0824 BrSerWdm - ok 03:17:32.0207 0x0824 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 03:17:32.0209 0x0824 BrUsbMdm - ok 03:17:32.0243 0x0824 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 03:17:32.0244 0x0824 BrUsbSer - ok 03:17:32.0272 0x0824 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 03:17:32.0275 0x0824 BTHMODEM - ok 03:17:32.0308 0x0824 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 03:17:32.0311 0x0824 bthserv - ok 03:17:32.0351 0x0824 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 03:17:32.0355 0x0824 cdfs - ok 03:17:32.0383 0x0824 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 03:17:32.0388 0x0824 cdrom - ok 03:17:32.0408 0x0824 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 03:17:32.0411 0x0824 CertPropSvc - ok 03:17:32.0423 0x0824 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 03:17:32.0426 0x0824 circlass - ok 03:17:32.0458 0x0824 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 03:17:32.0468 0x0824 CLFS - ok 03:17:32.0541 0x0824 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 03:17:32.0545 0x0824 clr_optimization_v2.0.50727_32 - ok 03:17:32.0584 0x0824 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 03:17:32.0588 0x0824 clr_optimization_v2.0.50727_64 - ok 03:17:32.0643 0x0824 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 03:17:32.0660 0x0824 clr_optimization_v4.0.30319_32 - ok 03:17:32.0692 0x0824 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 03:17:32.0698 0x0824 clr_optimization_v4.0.30319_64 - ok 03:17:32.0726 0x0824 [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys 03:17:32.0728 0x0824 clwvd - ok 03:17:32.0755 0x0824 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 03:17:32.0757 0x0824 CmBatt - ok 03:17:32.0793 0x0824 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 03:17:32.0795 0x0824 cmdide - ok 03:17:32.0830 0x0824 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 03:17:32.0843 0x0824 CNG - ok 03:17:32.0866 0x0824 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 03:17:32.0867 0x0824 Compbatt - ok 03:17:32.0892 0x0824 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 03:17:32.0894 0x0824 CompositeBus - ok 03:17:32.0901 0x0824 COMSysApp - ok 03:17:32.0922 0x0824 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 03:17:32.0924 0x0824 crcdisk - ok 03:17:32.0962 0x0824 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 03:17:32.0969 0x0824 CryptSvc - ok 03:17:33.0124 0x0824 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 03:17:33.0147 0x0824 cvhsvc - ok 03:17:33.0196 0x0824 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 03:17:33.0213 0x0824 DcomLaunch - ok 03:17:33.0250 0x0824 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 03:17:33.0259 0x0824 defragsvc - ok 03:17:33.0287 0x0824 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 03:17:33.0291 0x0824 DfsC - ok 03:17:33.0321 0x0824 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 03:17:33.0331 0x0824 Dhcp - ok 03:17:33.0343 0x0824 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 03:17:33.0345 0x0824 discache - ok 03:17:33.0383 0x0824 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 03:17:33.0386 0x0824 Disk - ok 03:17:33.0424 0x0824 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 03:17:33.0430 0x0824 Dnscache - ok 03:17:33.0456 0x0824 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 03:17:33.0464 0x0824 dot3svc - ok 03:17:33.0490 0x0824 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 03:17:33.0497 0x0824 DPS - ok 03:17:33.0534 0x0824 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 03:17:33.0536 0x0824 drmkaud - ok 03:17:33.0610 0x0824 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 03:17:33.0636 0x0824 DXGKrnl - ok 03:17:33.0692 0x0824 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 03:17:33.0697 0x0824 EapHost - ok 03:17:33.0838 0x0824 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 03:17:33.0963 0x0824 ebdrv - ok 03:17:34.0014 0x0824 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe 03:17:34.0017 0x0824 EFS - ok 03:17:34.0090 0x0824 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 03:17:34.0109 0x0824 ehRecvr - ok 03:17:34.0127 0x0824 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 03:17:34.0132 0x0824 ehSched - ok 03:17:34.0162 0x0824 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 03:17:34.0177 0x0824 elxstor - ok 03:17:34.0236 0x0824 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 03:17:34.0238 0x0824 ErrDev - ok 03:17:34.0303 0x0824 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 03:17:34.0316 0x0824 EventSystem - ok 03:17:34.0348 0x0824 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 03:17:34.0354 0x0824 exfat - ok 03:17:34.0389 0x0824 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 03:17:34.0395 0x0824 fastfat - ok 03:17:34.0428 0x0824 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 03:17:34.0445 0x0824 Fax - ok 03:17:34.0465 0x0824 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 03:17:34.0467 0x0824 fdc - ok 03:17:34.0487 0x0824 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 03:17:34.0489 0x0824 fdPHost - ok 03:17:34.0503 0x0824 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 03:17:34.0506 0x0824 FDResPub - ok 03:17:34.0531 0x0824 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 03:17:34.0535 0x0824 FileInfo - ok 03:17:34.0555 0x0824 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 03:17:34.0557 0x0824 Filetrace - ok 03:17:34.0567 0x0824 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 03:17:34.0569 0x0824 flpydisk - ok 03:17:34.0596 0x0824 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 03:17:34.0605 0x0824 FltMgr - ok 03:17:34.0659 0x0824 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 03:17:34.0686 0x0824 FontCache - ok 03:17:34.0746 0x0824 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 03:17:34.0749 0x0824 FontCache3.0.0.0 - ok 03:17:34.0769 0x0824 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 03:17:34.0771 0x0824 FsDepends - ok 03:17:34.0803 0x0824 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 03:17:34.0805 0x0824 Fs_Rec - ok 03:17:34.0841 0x0824 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 03:17:34.0847 0x0824 fvevol - ok 03:17:34.0870 0x0824 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 03:17:34.0873 0x0824 gagp30kx - ok 03:17:34.0919 0x0824 [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 03:17:34.0926 0x0824 GameConsoleService - ok 03:17:34.0981 0x0824 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 03:17:35.0003 0x0824 gpsvc - ok 03:17:35.0059 0x0824 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 03:17:35.0062 0x0824 gupdate - ok 03:17:35.0070 0x0824 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 03:17:35.0073 0x0824 gupdatem - ok 03:17:35.0089 0x0824 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 03:17:35.0091 0x0824 hcw85cir - ok 03:17:35.0126 0x0824 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 03:17:35.0136 0x0824 HdAudAddService - ok 03:17:35.0166 0x0824 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 03:17:35.0170 0x0824 HDAudBus - ok 03:17:35.0190 0x0824 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 03:17:35.0192 0x0824 HidBatt - ok 03:17:35.0213 0x0824 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 03:17:35.0217 0x0824 HidBth - ok 03:17:35.0243 0x0824 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 03:17:35.0246 0x0824 HidIr - ok 03:17:35.0265 0x0824 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 03:17:35.0268 0x0824 hidserv - ok 03:17:35.0301 0x0824 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 03:17:35.0303 0x0824 HidUsb - ok 03:17:35.0338 0x0824 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 03:17:35.0342 0x0824 hkmsvc - ok 03:17:35.0361 0x0824 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 03:17:35.0369 0x0824 HomeGroupListener - ok 03:17:35.0404 0x0824 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 03:17:35.0412 0x0824 HomeGroupProvider - ok 03:17:35.0470 0x0824 [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 03:17:35.0474 0x0824 HP Support Assistant Service - ok 03:17:35.0511 0x0824 [ C930128C8F8FF03D8F8C42B570920D56, 6D44373F466A580EFB9866FA4FACB4951C522893C2A1877ED0E462460B90E241 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe 03:17:35.0515 0x0824 HP Wireless Assistant Service - ok 03:17:35.0543 0x0824 [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 03:17:35.0550 0x0824 HPClientSvc - ok 03:17:35.0631 0x0824 [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 03:17:35.0656 0x0824 hpqwmiex - ok 03:17:35.0693 0x0824 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 03:17:35.0697 0x0824 HpSAMD - ok 03:17:35.0747 0x0824 [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 03:17:35.0749 0x0824 HPWMISVC - ok 03:17:35.0802 0x0824 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 03:17:35.0822 0x0824 HTTP - ok 03:17:35.0837 0x0824 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 03:17:35.0838 0x0824 hwpolicy - ok 03:17:35.0875 0x0824 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 03:17:35.0879 0x0824 i8042prt - ok 03:17:35.0919 0x0824 [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 03:17:35.0931 0x0824 iaStor - ok 03:17:35.0984 0x0824 [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 03:17:35.0985 0x0824 IAStorDataMgrSvc - ok 03:17:36.0037 0x0824 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 03:17:36.0048 0x0824 iaStorV - ok 03:17:36.0283 0x0824 [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 03:17:36.0395 0x0824 IconMan_R - ok 03:17:36.0462 0x0824 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 03:17:36.0485 0x0824 idsvc - ok 03:17:36.0524 0x0824 IEEtwCollectorService - ok 03:17:36.0903 0x0824 [ 8814F0B9A09C647D3D7BE735450E7B4C, E82AD0DC556AE7663C1A5CE75DA3619E1614BC88F52558496FF0D569DE04E1CA ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 03:17:37.0288 0x0824 igfx - ok 03:17:37.0347 0x0824 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 03:17:37.0349 0x0824 iirsp - ok 03:17:37.0408 0x0824 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 03:17:37.0431 0x0824 IKEEXT - ok 03:17:37.0603 0x0824 [ ECA5E9DA350D2D21376260CD3602449A, B027FE77062488B8FC0EEE2113341DD922CE1BD741DF4F5D92DCCDC2E2C18BB2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 03:17:37.0739 0x0824 IntcAzAudAddService - ok 03:17:37.0771 0x0824 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 03:17:37.0773 0x0824 intelide - ok 03:17:37.0812 0x0824 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 03:17:37.0815 0x0824 intelppm - ok 03:17:37.0838 0x0824 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 03:17:37.0844 0x0824 IPBusEnum - ok 03:17:37.0867 0x0824 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 03:17:37.0870 0x0824 IpFilterDriver - ok 03:17:37.0916 0x0824 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 03:17:37.0930 0x0824 iphlpsvc - ok 03:17:37.0964 0x0824 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 03:17:37.0967 0x0824 IPMIDRV - ok 03:17:37.0995 0x0824 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 03:17:37.0999 0x0824 IPNAT - ok 03:17:38.0025 0x0824 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 03:17:38.0027 0x0824 IRENUM - ok 03:17:38.0050 0x0824 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 03:17:38.0052 0x0824 isapnp - ok 03:17:38.0076 0x0824 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 03:17:38.0084 0x0824 iScsiPrt - ok 03:17:38.0098 0x0824 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 03:17:38.0100 0x0824 kbdclass - ok 03:17:38.0128 0x0824 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 03:17:38.0130 0x0824 kbdhid - ok 03:17:38.0148 0x0824 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 03:17:38.0151 0x0824 KeyIso - ok 03:17:38.0185 0x0824 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 03:17:38.0189 0x0824 KSecDD - ok 03:17:38.0240 0x0824 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
21:15:49.0030 3824 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 21:15:56.0342 3824 ============================================================ 21:15:56.0342 3824 Current date / time: 2014/04/08 21:15:56.0342 21:15:56.0342 3824 SystemInfo: 21:15:56.0342 3824 21:15:56.0342 3824 OS Version: 6.1.7601 ServicePack: 1.0 21:15:56.0342 3824 Product type: Workstation 21:15:56.0342 3824 ComputerName: WALMART-HP 21:15:56.0343 3824 UserName: walmart 21:15:56.0343 3824 Windows directory: C:\Windows 21:15:56.0343 3824 System windows directory: C:\Windows 21:15:56.0343 3824 Running under WOW64 21:15:56.0343 3824 Processor architecture: Intel x64 21:15:56.0343 3824 Number of processors: 2 21:15:56.0343 3824 Page size: 0x1000 21:15:56.0343 3824 Boot type: Normal boot 21:15:56.0343 3824 ============================================================ 21:15:57.0092 3824 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:15:57.0100 3824 ============================================================ 21:15:57.0100 3824 \Device\Harddisk0\DR0: 21:15:57.0100 3824 MBR partitions: 21:15:57.0100 3824 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 21:15:57.0100 3824 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800 21:15:57.0100 3824 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000 21:15:57.0100 3824 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0 21:15:57.0100 3824 ============================================================ 21:15:57.0128 3824 C: <-> \Device\Harddisk0\DR0\Partition2 21:15:57.0171 3824 D: <-> \Device\Harddisk0\DR0\Partition3 21:15:57.0184 3824 F: <-> \Device\Harddisk0\DR0\Partition4 21:15:57.0222 3824 ============================================================ 21:15:57.0222 3824 Initialize success 21:15:57.0222 3824 ============================================================ 21:16:02.0319 6508 ============================================================ 21:16:02.0319 6508 Scan started 21:16:02.0319 6508 Mode: Manual; 21:16:02.0319 6508 ============================================================ 21:16:03.0487 6508 ================ Scan system memory ======================== 21:16:03.0487 6508 System memory - ok 21:16:03.0488 6508 ================ Scan services ============================= 21:16:03.0653 6508 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:16:03.0657 6508 1394ohci - ok 21:16:03.0696 6508 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:16:03.0701 6508 ACPI - ok 21:16:03.0719 6508 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:16:03.0721 6508 AcpiPmi - ok 21:16:03.0837 6508 [ 9D96B0D5855FD1B98023B3EEC9F06786 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:16:03.0839 6508 AdobeFlashPlayerUpdateSvc - ok 21:16:03.0895 6508 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:16:03.0901 6508 adp94xx - ok 21:16:03.0931 6508 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:16:03.0936 6508 adpahci - ok 21:16:03.0959 6508 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:16:03.0963 6508 adpu320 - ok 21:16:03.0998 6508 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:16:03.0999 6508 AeLookupSvc - ok 21:16:04.0089 6508 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 21:16:04.0092 6508 AERTFilters - ok 21:16:04.0142 6508 [ 79059559E89D06E8B80CE2944BE20228 ] AFD C:\Windows\system32\drivers\afd.sys 21:16:04.0149 6508 AFD - ok 21:16:04.0186 6508 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 21:16:04.0188 6508 agp440 - ok 21:16:04.0215 6508 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 21:16:04.0217 6508 ALG - ok 21:16:04.0242 6508 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 21:16:04.0244 6508 aliide - ok 21:16:04.0265 6508 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 21:16:04.0266 6508 amdide - ok 21:16:04.0290 6508 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:16:04.0292 6508 AmdK8 - ok 21:16:04.0315 6508 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 21:16:04.0317 6508 AmdPPM - ok 21:16:04.0354 6508 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:16:04.0357 6508 amdsata - ok 21:16:04.0406 6508 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:16:04.0410 6508 amdsbs - ok 21:16:04.0428 6508 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:16:04.0430 6508 amdxata - ok 21:16:04.0467 6508 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 21:16:04.0469 6508 AppID - ok 21:16:04.0502 6508 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:16:04.0504 6508 AppIDSvc - ok 21:16:04.0547 6508 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll 21:16:04.0548 6508 Appinfo - ok 21:16:04.0582 6508 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 21:16:04.0584 6508 arc - ok 21:16:04.0614 6508 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:16:04.0616 6508 arcsas - ok 21:16:04.0674 6508 [ 8BE618EB795A87DBFD1E09DA63F009C7 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 21:16:04.0676 6508 aswMonFlt - ok 21:16:04.0738 6508 [ D4259F75734EBCC8D815753B09EB2F0A ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys 21:16:04.0740 6508 aswRdr - ok 21:16:04.0770 6508 [ 8D4B8BF93C65BDBC133B20706A3B5208 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 21:16:04.0772 6508 aswRvrt - ok 21:16:04.0826 6508 [ AA0D1B47BE967E1E17301DDFB66C432C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 21:16:04.0838 6508 aswSnx - ok 21:16:04.0885 6508 [ 15C6B7D20EE0E44A4DF82183A89CCFC2 ] aswSP C:\Windows\system32\drivers\aswSP.sys 21:16:04.0891 6508 aswSP - ok 21:16:04.0940 6508 [ 81FA56F29440406A7264CBD7B1C7CB29 ] aswStm C:\Windows\system32\drivers\aswStm.sys 21:16:04.0942 6508 aswStm - ok 21:16:04.0960 6508 [ 0606875650850B0697D662934529F6FC ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 21:16:04.0963 6508 aswVmm - ok 21:16:04.0989 6508 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:16:04.0990 6508 AsyncMac - ok 21:16:05.0038 6508 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 21:16:05.0039 6508 atapi - ok 21:16:05.0083 6508 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:16:05.0088 6508 AudioEndpointBuilder - ok 21:16:05.0100 6508 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:16:05.0104 6508 AudioSrv - ok 21:16:05.0257 6508 [ BEA8D0FA8805CC2E6BB49728166699C7 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 21:16:05.0259 6508 avast! Antivirus - ok 21:16:05.0293 6508 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:16:05.0296 6508 AxInstSV - ok 21:16:05.0343 6508 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 21:16:05.0349 6508 b06bdrv - ok 21:16:05.0385 6508 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:16:05.0389 6508 b57nd60a - ok 21:16:05.0443 6508 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 21:16:05.0457 6508 BCM43XX - ok 21:16:05.0483 6508 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 21:16:05.0486 6508 BDESVC - ok 21:16:05.0503 6508 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 21:16:05.0504 6508 Beep - ok 21:16:05.0534 6508 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 21:16:05.0539 6508 BFE - ok 21:16:05.0602 6508 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 21:16:05.0687 6508 BITS - ok 21:16:05.0714 6508 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 21:16:05.0715 6508 blbdrive - ok 21:16:05.0742 6508 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:16:05.0744 6508 bowser - ok 21:16:05.0774 6508 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 21:16:05.0775 6508 BrFiltLo - ok 21:16:05.0795 6508 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 21:16:05.0796 6508 BrFiltUp - ok 21:16:05.0829 6508 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 21:16:05.0831 6508 Browser - ok 21:16:05.0853 6508 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:16:05.0857 6508 Brserid - ok 21:16:05.0878 6508 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:16:05.0880 6508 BrSerWdm - ok 21:16:05.0913 6508 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:16:05.0914 6508 BrUsbMdm - ok 21:16:05.0948 6508 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:16:05.0950 6508 BrUsbSer - ok 21:16:05.0977 6508 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:16:05.0978 6508 BTHMODEM - ok 21:16:06.0012 6508 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 21:16:06.0014 6508 bthserv - ok 21:16:06.0044 6508 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:16:06.0047 6508 cdfs - ok 21:16:06.0075 6508 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:16:06.0078 6508 cdrom - ok 21:16:06.0102 6508 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 21:16:06.0104 6508 CertPropSvc - ok 21:16:06.0117 6508 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 21:16:06.0119 6508 circlass - ok 21:16:06.0147 6508 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 21:16:06.0152 6508 CLFS - ok 21:16:06.0224 6508 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:16:06.0227 6508 clr_optimization_v2.0.50727_32 - ok 21:16:06.0266 6508 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:16:06.0270 6508 clr_optimization_v2.0.50727_64 - ok 21:16:06.0313 6508 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:16:06.0352 6508 clr_optimization_v4.0.30319_32 - ok 21:16:06.0385 6508 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:16:06.0388 6508 clr_optimization_v4.0.30319_64 - ok 21:16:06.0409 6508 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys 21:16:06.0411 6508 clwvd - ok 21:16:06.0438 6508 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 21:16:06.0439 6508 CmBatt - ok 21:16:06.0476 6508 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:16:06.0477 6508 cmdide - ok 21:16:06.0506 6508 [ EBF28856F69CF094A902F884CF989706 ] CNG C:\Windows\system32\Drivers\cng.sys 21:16:06.0512 6508 CNG - ok 21:16:06.0538 6508 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 21:16:06.0539 6508 Compbatt - ok 21:16:06.0564 6508 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 21:16:06.0565 6508 CompositeBus - ok 21:16:06.0572 6508 COMSysApp - ok 21:16:06.0594 6508 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:16:06.0595 6508 crcdisk - ok 21:16:06.0632 6508 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:16:06.0635 6508 CryptSvc - ok 21:16:06.0784 6508 [ FD557A50A65E44041CD2FCEF4BEB04DB ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 21:16:06.0793 6508 cvhsvc - ok 21:16:06.0838 6508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:16:06.0845 6508 DcomLaunch - ok 21:16:06.0873 6508 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 21:16:06.0878 6508 defragsvc - ok 21:16:06.0903 6508 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:16:06.0905 6508 DfsC - ok 21:16:06.0922 6508 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 21:16:06.0925 6508 Dhcp - ok 21:16:06.0936 6508 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 21:16:06.0937 6508 discache - ok 21:16:06.0965 6508 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 21:16:06.0967 6508 Disk - ok 21:16:06.0993 6508 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:16:06.0996 6508 Dnscache - ok 21:16:07.0024 6508 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 21:16:07.0029 6508 dot3svc - ok 21:16:07.0047 6508 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 21:16:07.0050 6508 DPS - ok 21:16:07.0095 6508 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:16:07.0097 6508 drmkaud - ok 21:16:07.0157 6508 [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:16:07.0167 6508 DXGKrnl - ok 21:16:07.0219 6508 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 21:16:07.0221 6508 EapHost - ok 21:16:07.0306 6508 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 21:16:07.0387 6508 ebdrv - ok 21:16:07.0430 6508 [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS C:\Windows\System32\lsass.exe 21:16:07.0433 6508 EFS - ok 21:16:07.0496 6508 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:16:07.0505 6508 ehRecvr - ok 21:16:07.0520 6508 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 21:16:07.0523 6508 ehSched - ok 21:16:07.0549 6508 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:16:07.0556 6508 elxstor - ok 21:16:07.0575 6508 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:16:07.0576 6508 ErrDev - ok 21:16:07.0625 6508 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 21:16:07.0629 6508 EventSystem - ok 21:16:07.0662 6508 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 21:16:07.0665 6508 exfat - ok 21:16:07.0691 6508 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:16:07.0695 6508 fastfat - ok 21:16:07.0724 6508 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 21:16:07.0733 6508 Fax - ok 21:16:07.0748 6508 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 21:16:07.0750 6508 fdc - ok 21:16:07.0770 6508 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 21:16:07.0772 6508 fdPHost - ok 21:16:07.0786 6508 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 21:16:07.0789 6508 FDResPub - ok 21:16:07.0814 6508 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:16:07.0816 6508 FileInfo - ok 21:16:07.0827 6508 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:16:07.0828 6508 Filetrace - ok 21:16:07.0839 6508 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 21:16:07.0840 6508 flpydisk - ok 21:16:07.0850 6508 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:16:07.0854 6508 FltMgr - ok 21:16:07.0892 6508 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 21:16:07.0907 6508 FontCache - ok 21:16:07.0962 6508 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:16:07.0964 6508 FontCache3.0.0.0 - ok 21:16:07.0984 6508 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:16:07.0986 6508 FsDepends - ok 21:16:08.0008 6508 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:16:08.0010 6508 Fs_Rec - ok 21:16:08.0043 6508 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:16:08.0046 6508 fvevol - ok 21:16:08.0075 6508 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:16:08.0077 6508 gagp30kx - ok 21:16:08.0121 6508 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 21:16:08.0124 6508 GameConsoleService - ok 21:16:08.0164 6508 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 21:16:08.0171 6508 gpsvc - ok 21:16:08.0229 6508 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:16:08.0231 6508 gupdate - ok 21:16:08.0236 6508 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:16:08.0238 6508 gupdatem - ok 21:16:08.0261 6508 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:16:08.0262 6508 hcw85cir - ok 21:16:08.0294 6508 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:16:08.0298 6508 HdAudAddService - ok 21:16:08.0326 6508 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 21:16:08.0328 6508 HDAudBus - ok 21:16:08.0340 6508 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 21:16:08.0342 6508 HidBatt - ok 21:16:08.0362 6508 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:16:08.0364 6508 HidBth - ok 21:16:08.0382 6508 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 21:16:08.0384 6508 HidIr - ok 21:16:08.0403 6508 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 21:16:08.0406 6508 hidserv - ok 21:16:08.0440 6508 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:16:08.0441 6508 HidUsb - ok 21:16:08.0475 6508 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:16:08.0479 6508 hkmsvc - ok 21:16:08.0497 6508 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:16:08.0502 6508 HomeGroupListener - ok 21:16:08.0529 6508 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:16:08.0534 6508 HomeGroupProvider - ok 21:16:08.0597 6508 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 21:16:08.0599 6508 HP Support Assistant Service - ok 21:16:08.0637 6508 [ C930128C8F8FF03D8F8C42B570920D56 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe 21:16:08.0640 6508 HP Wireless Assistant Service - ok 21:16:08.0667 6508 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 21:16:08.0671 6508 HPClientSvc - ok 21:16:08.0733 6508 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 21:16:08.0740 6508 hpqwmiex - ok 21:16:08.0776 6508 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:16:08.0777 6508 HpSAMD - ok 21:16:08.0830 6508 [ 2BEC76BDCD1BC080210325E7B5094834 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 21:16:08.0832 6508 HPWMISVC - ok 21:16:08.0874 6508 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:16:08.0883 6508 HTTP - ok 21:16:08.0898 6508 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:16:08.0899 6508 hwpolicy - ok 21:16:08.0935 6508 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 21:16:08.0937 6508 i8042prt - ok 21:16:08.0972 6508 [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 21:16:08.0976 6508 iaStor - ok 21:16:09.0033 6508 [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 21:16:09.0035 6508 IAStorDataMgrSvc - ok 21:16:09.0070 6508 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:16:09.0076 6508 iaStorV - ok 21:16:09.0252 6508 [ ABEFA4BD23329FD9BD47496BF2E58774 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 21:16:09.0274 6508 IconMan_R - ok 21:16:09.0334 6508 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:16:09.0344 6508 idsvc - ok 21:16:09.0375 6508 IEEtwCollectorService - ok 21:16:09.0596 6508 [ 8814F0B9A09C647D3D7BE735450E7B4C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 21:16:09.0788 6508 igfx - ok 21:16:09.0806 6508 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:16:09.0808 6508 iirsp - ok 21:16:09.0855 6508 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\Windows\System32\ikeext.dll 21:16:09.0862 6508 IKEEXT - ok 21:16:09.0973 6508 [ ECA5E9DA350D2D21376260CD3602449A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 21:16:10.0056 6508 IntcAzAudAddService - ok 21:16:10.0086 6508 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 21:16:10.0088 6508 intelide - ok 21:16:10.0127 6508 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:16:10.0129 6508 intelppm - ok 21:16:10.0153 6508 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:16:10.0156 6508 IPBusEnum - ok 21:16:10.0181 6508 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:16:10.0184 6508 IpFilterDriver - ok 21:16:10.0234 6508 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:16:10.0240 6508 iphlpsvc - ok 21:16:10.0268 6508 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:16:10.0270 6508 IPMIDRV - ok 21:16:10.0287 6508 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:16:10.0289 6508 IPNAT - ok 21:16:10.0318 6508 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:16:10.0320 6508 IRENUM - ok 21:16:10.0333 6508 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:16:10.0334 6508 isapnp - ok 21:16:10.0355 6508 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:16:10.0359 6508 iScsiPrt - ok 21:16:10.0379 6508 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 21:16:10.0381 6508 kbdclass - ok 21:16:10.0410 6508 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 21:16:10.0412 6508 kbdhid - ok 21:16:10.0430 6508 [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso C:\Windows\system32\lsass.exe 21:16:10.0433 6508 KeyIso - ok 21:16:10.0477 6508 [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:16:10.0479 6508 KSecDD - ok 21:16:10.0509 6508 [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:16:10.0512 6508 KSecPkg - ok 21:16:10.0544 6508 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:16:10.0546 6508 ksthunk - ok 21:16:10.0579 6508 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 21:16:10.0587 6508 KtmRm - ok 21:16:10.0616 6508 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 21:16:10.0621 6508 LanmanServer - ok 21:16:10.0636 6508 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:16:10.0641 6508 LanmanWorkstation - ok 21:16:10.0677 6508 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:16:10.0679 6508 lltdio - ok 21:16:10.0715 6508 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:16:10.0721 6508 lltdsvc - ok 21:16:10.0765 6508 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:16:10.0768 6508 lmhosts - ok 21:16:10.0792 6508 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:16:10.0794 6508 LSI_FC - ok 21:16:10.0814 6508 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:16:10.0817 6508 LSI_SAS - ok 21:16:10.0834 6508 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:16:10.0837 6508 LSI_SAS2 - ok 21:16:10.0854 6508 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:16:10.0856 6508 LSI_SCSI - ok 21:16:10.0883 6508 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 21:16:10.0885 6508 luafv - ok 21:16:10.0934 6508 [ FD5465B876D55534117963FAAA4B9DFC ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 21:16:10.0935 6508 MBAMProtector - ok 21:16:11.0022 6508 [ 0E08BDD7326E657D59DB40BAD23D8169 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe 21:16:11.0042 6508 MBAMScheduler - ok 21:16:11.0096 6508 [ A8E7F3DB083EB0839DFC1C763CDD2594 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe 21:16:11.0105 6508 MBAMService - ok 21:16:11.0164 6508 [ 6140163BFE9D8F2DFDBA088ED5521C13 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 21:16:11.0165 6508 MBAMSwissArmy - ok 21:16:11.0205 6508 [ C49915271600CFC2305FAA4271D0002F ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 21:16:11.0206 6508 MBAMWebAccessControl - ok 21:16:11.0245 6508 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:16:11.0249 6508 Mcx2Svc - ok 21:16:11.0272 6508 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 21:16:11.0274 6508 megasas - ok 21:16:11.0294 6508 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 21:16:11.0298 6508 MegaSR - ok 21:16:11.0322 6508 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 21:16:11.0325 6508 MMCSS - ok 21:16:11.0355 6508 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 21:16:11.0357 6508 Modem - ok 21:16:11.0376 6508 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:16:11.0377 6508 monitor - ok 21:16:11.0406 6508 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:16:11.0407 6508 mouclass - ok 21:16:11.0424 6508 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys 21:16:11.0426 6508 mouhid - ok 21:16:11.0439 6508 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:16:11.0441 6508 mountmgr - ok 21:16:11.0498 6508 [ AEE4E9CC59CDEB55B1ECB0E596E796BE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 21:16:11.0500 6508 MozillaMaintenance - ok 21:16:11.0538 6508 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 21:16:11.0541 6508 mpio - ok 21:16:11.0568 6508 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:16:11.0570 6508 mpsdrv - ok 21:16:11.0618 6508 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:16:11.0626 6508 MpsSvc - ok 21:16:11.0658 6508 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:16:11.0661 6508 MRxDAV - ok 21:16:11.0698 6508 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:16:11.0701 6508 mrxsmb - ok 21:16:11.0718 6508 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:16:11.0722 6508 mrxsmb10 - ok 21:16:11.0729 6508 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:16:11.0732 6508 mrxsmb20 - ok 21:16:11.0763 6508 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 21:16:11.0765 6508 msahci - ok 21:16:11.0788 6508 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:16:11.0791 6508 msdsm - ok 21:16:11.0811 6508 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 21:16:11.0815 6508 MSDTC - ok 21:16:11.0840 6508 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:16:11.0841 6508 Msfs - ok 21:16:11.0861 6508 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:16:11.0862 6508 mshidkmdf - ok 21:16:11.0885 6508 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:16:11.0887 6508 msisadrv - ok 21:16:11.0915 6508 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:16:11.0919 6508 MSiSCSI - ok 21:16:11.0925 6508 msiserver - ok 21:16:11.0940 6508 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:16:11.0951 6508 MSKSSRV - ok 21:16:11.0966 6508 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:16:11.0967 6508 MSPCLOCK - ok 21:16:11.0987 6508 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:16:11.0989 6508 MSPQM - ok 21:16:12.0010 6508 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:16:12.0016 6508 MsRPC - ok 21:16:12.0051 6508 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 21:16:12.0053 6508 mssmbios - ok 21:16:12.0072 6508 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:16:12.0085 6508 MSTEE - ok 21:16:12.0102 6508 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 21:16:12.0104 6508 MTConfig - ok 21:16:12.0127 6508 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 21:16:12.0129 6508 Mup - ok 21:16:12.0166 6508 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 21:16:12.0175 6508 napagent - ok 21:16:12.0197 6508 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:16:12.0202 6508 NativeWifiP - ok 21:16:12.0263 6508 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:16:12.0274 6508 NDIS - ok 21:16:12.0301 6508 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:16:12.0303 6508 NdisCap - ok 21:16:12.0324 6508 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:16:12.0325 6508 NdisTapi - ok 21:16:12.0343 6508 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:16:12.0345 6508 Ndisuio - ok 21:16:12.0352 6508 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:16:12.0355 6508 NdisWan - ok 21:16:12.0368 6508 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:16:12.0370 6508 NDProxy - ok 21:16:12.0386 6508 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:16:12.0388 6508 NetBIOS - ok 21:16:12.0404 6508 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:16:12.0408 6508 NetBT - ok 21:16:12.0430 6508 [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon C:\Windows\system32\lsass.exe 21:16:12.0433 6508 Netlogon - ok 21:16:12.0466 6508 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 21:16:12.0471 6508 Netman - ok 21:16:12.0491 6508 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 21:16:12.0496 6508 netprofm - ok 21:16:12.0528 6508 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:16:12.0531 6508 NetTcpPortSharing - ok 21:16:12.0548 6508 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:16:12.0549 6508 nfrd960 - ok 21:16:12.0586 6508 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:16:12.0591 6508 NlaSvc - ok 21:16:12.0620 6508 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:16:12.0622 6508 Npfs - ok 21:16:12.0653 6508 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 21:16:12.0656 6508 nsi - ok 21:16:12.0673 6508 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:16:12.0674 6508 nsiproxy - ok 21:16:12.0735 6508 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:16:12.0771 6508 Ntfs - ok 21:16:12.0791 6508 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 21:16:12.0792 6508 Null - ok 21:16:12.0813 6508 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 21:16:12.0819 6508 NVENETFD - ok 21:16:12.0837 6508 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:16:12.0840 6508 nvraid - ok 21:16:12.0871 6508 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:16:12.0874 6508 nvstor - ok 21:16:12.0914 6508 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:16:12.0917 6508 nv_agp - ok 21:16:12.0930 6508 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:16:12.0932 6508 ohci1394 - ok 21:16:12.0968 6508 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:16:12.0971 6508 ose - ok 21:16:13.0115 6508 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 21:16:13.0181 6508 osppsvc - ok 21:16:13.0218 6508 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:16:13.0223 6508 p2pimsvc - ok 21:16:13.0240 6508 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 21:16:13.0245 6508 p2psvc - ok 21:16:13.0262 6508 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 21:16:13.0264 6508 Parport - ok 21:16:13.0294 6508 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:16:13.0297 6508 partmgr - ok 21:16:13.0320 6508 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:16:13.0324 6508 PcaSvc - ok 21:16:13.0331 6508 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 21:16:13.0335 6508 pci - ok 21:16:13.0371 6508 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 21:16:13.0373 6508 pciide - ok 21:16:13.0400 6508 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:16:13.0403 6508 pcmcia - ok 21:16:13.0430 6508 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 21:16:13.0432 6508 pcw - ok 21:16:13.0457 6508 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:16:13.0465 6508 PEAUTH - ok 21:16:13.0523 6508 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:16:13.0526 6508 PerfHost - ok 21:16:13.0587 6508 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 21:16:13.0605 6508 pla - ok 21:16:13.0637 6508 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:16:13.0644 6508 PlugPlay - ok 21:16:13.0661 6508 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:16:13.0665 6508 PNRPAutoReg - ok 21:16:13.0684 6508 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:16:13.0689 6508 PNRPsvc - ok 21:16:13.0722 6508 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:16:13.0726 6508 PolicyAgent - ok 21:16:13.0756 6508 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 21:16:13.0761 6508 Power - ok 21:16:13.0783 6508 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:16:13.0786 6508 PptpMiniport - ok 21:16:13.0808 6508 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 21:16:13.0810 6508 Processor - ok 21:16:13.0842 6508 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 21:16:13.0847 6508 ProfSvc - ok 21:16:13.0863 6508 [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe 21:16:13.0866 6508 ProtectedStorage - ok 21:16:13.0882 6508 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:16:13.0884 6508 Psched - ok 21:16:13.0944 6508 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:16:13.0960 6508 ql2300 - ok 21:16:13.0983 6508 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:16:13.0986 6508 ql40xx - ok 21:16:14.0017 6508 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 21:16:14.0023 6508 QWAVE - ok 21:16:14.0053 6508 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:16:14.0055 6508 QWAVEdrv - ok 21:16:14.0067 6508 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:16:14.0069 6508 RasAcd - ok 21:16:14.0089 6508 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:16:14.0091 6508 RasAgileVpn - ok 21:16:14.0112 6508 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 21:16:14.0117 6508 RasAuto - ok 21:16:14.0123 6508 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:16:14.0126 6508 Rasl2tp - ok 21:16:14.0150 6508 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 21:16:14.0158 6508 RasMan - ok 21:16:14.0164 6508 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:16:14.0168 6508 RasPppoe - ok 21:16:14.0184 6508 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:16:14.0186 6508 RasSstp - ok 21:16:14.0224 6508 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:16:14.0229 6508 rdbss - ok 21:16:14.0243 6508 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 21:16:14.0245 6508 rdpbus - ok 21:16:14.0271 6508 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:16:14.0272 6508 RDPCDD - ok 21:16:14.0280 6508 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:16:14.0282 6508 RDPENCDD - ok 21:16:14.0292 6508 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:16:14.0293 6508 RDPREFMP - ok 21:16:14.0329 6508 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:16:14.0332 6508 RDPWD - ok 21:16:14.0355 6508 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:16:14.0358 6508 rdyboost - ok 21:16:14.0396 6508 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:16:14.0400 6508 RemoteAccess - ok 21:16:14.0433 6508 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:16:14.0438 6508 RemoteRegistry - ok 21:16:14.0469 6508 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe 21:16:14.0474 6508 RoxioNow Service - ok 21:16:14.0495 6508 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:16:14.0499 6508 RpcEptMapper - ok 21:16:14.0511 6508 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 21:16:14.0514 6508 RpcLocator - ok 21:16:14.0538 6508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 21:16:14.0545 6508 RpcSs - ok 21:16:14.0620 6508 [ 7BFDFD1D2244B444D7BBC55087426518 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 21:16:14.0625 6508 RSPCIESTOR - ok 21:16:14.0656 6508 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:16:14.0659 6508 rspndr - ok 21:16:14.0724 6508 [ F1D20C2B36F78863530B251DF504CC51 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 21:16:14.0728 6508 RtkAudioService - ok 21:16:14.0799 6508 [ AC4CA62572CA516945AB92D6C9F501F4 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 21:16:14.0809 6508 RTL8167 - ok 21:16:14.0869 6508 [ 177963A6EEBAA9EF3B56A2DBE9D5D0FC ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys 21:16:14.0881 6508 RTL8192Ce - ok 21:16:14.0896 6508 [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs C:\Windows\system32\lsass.exe 21:16:14.0899 6508 SamSs - ok 21:16:14.0933 6508 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:16:14.0935 6508 sbp2port - ok 21:16:14.0971 6508 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:16:14.0977 6508 SCardSvr - ok 21:16:15.0002 6508 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:16:15.0004 6508 scfilter - ok 21:16:15.0041 6508 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 21:16:15.0052 6508 Schedule - ok 21:16:15.0079 6508 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 21:16:15.0080 6508 SCPolicySvc - ok 21:16:15.0100 6508 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 21:16:15.0108 6508 sdbus - ok 21:16:15.0133 6508 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:16:15.0138 6508 SDRSVC - ok 21:16:15.0156 6508 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:16:15.0158 6508 secdrv - ok 21:16:15.0169 6508 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 21:16:15.0173 6508 seclogon - ok 21:16:15.0193 6508 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 21:16:15.0197 6508 SENS - ok 21:16:15.0213 6508 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:16:15.0218 6508 SensrSvc - ok 21:16:15.0230 6508 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 21:16:15.0232 6508 Serenum - ok 21:16:15.0253 6508 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 21:16:15.0255 6508 Serial - ok 21:16:15.0287 6508 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:16:15.0289 6508 sermouse - ok 21:16:15.0332 6508 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 21:16:15.0337 6508 SessionEnv - ok 21:16:15.0366 6508 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:16:15.0368 6508 sffdisk - ok 21:16:15.0388 6508 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:16:15.0390 6508 sffp_mmc - ok 21:16:15.0417 6508 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:16:15.0419 6508 sffp_sd - ok 21:16:15.0426 6508 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:16:15.0428 6508 sfloppy - ok 21:16:15.0477 6508 [ 2046AA7491DE7EFA4D70E615D9BC9D09 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 21:16:15.0486 6508 Sftfs - ok 21:16:15.0561 6508 [ 77C5A741A7452812F278EF2C18478862 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 21:16:15.0568 6508 sftlist - ok 21:16:15.0593 6508 [ 0E0446BC4D51BE4263ACB7E33491191C ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 21:16:15.0598 6508 Sftplay - ok 21:16:15.0623 6508 [ C5FB982CD266E604ED3142102C26D62C ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 21:16:15.0625 6508 Sftredir - ok 21:16:15.0646 6508 [ 2575511AF67AA1FA068CCC4918E2C2A3 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 21:16:15.0648 6508 Sftvol - ok 21:16:15.0690 6508 [ 39B1D0A636A400304565D4521FAD6D77 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 21:16:15.0693 6508 sftvsa - ok 21:16:15.0739 6508 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:16:15.0745 6508 SharedAccess - ok 21:16:15.0782 6508 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:16:15.0788 6508 ShellHWDetection - ok 21:16:15.0808 6508 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:16:15.0810 6508 SiSRaid2 - ok 21:16:15.0844 6508 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:16:15.0847 6508 SiSRaid4 - ok 21:16:15.0873 6508 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:16:15.0875 6508 Smb - ok 21:16:15.0907 6508 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:16:15.0911 6508 SNMPTRAP - ok 21:16:15.0920 6508 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 21:16:15.0922 6508 spldr - ok 21:16:15.0949 6508 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 21:16:15.0956 6508 Spooler - ok 21:16:16.0033 6508 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 21:16:16.0074 6508 sppsvc - ok 21:16:16.0101 6508 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:16:16.0106 6508 sppuinotify - ok 21:16:16.0138 6508 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 21:16:16.0144 6508 srv - ok 21:16:16.0155 6508 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:16:16.0161 6508 srv2 - ok 21:16:16.0193 6508 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 21:16:16.0197 6508 SrvHsfHDA - ok 21:16:16.0269 6508 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 21:16:16.0312 6508 SrvHsfV92 - ok 21:16:16.0344 6508 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 21:16:16.0353 6508 SrvHsfWinac - ok 21:16:16.0384 6508 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:16:16.0387 6508 srvnet - ok 21:16:16.0436 6508 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:16:16.0441 6508 SSDPSRV - ok 21:16:16.0460 6508 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:16:16.0473 6508 SstpSvc - ok 21:16:16.0489 6508 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:16:16.0490 6508 stexstor - ok 21:16:16.0511 6508 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 21:16:16.0521 6508 stisvc - ok 21:16:16.0550 6508 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 21:16:16.0552 6508 swenum - ok 21:16:16.0588 6508 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 21:16:16.0598 6508 swprv - ok 21:16:16.0640 6508 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 21:16:16.0645 6508 SynTP - ok 21:16:16.0708 6508 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 21:16:16.0725 6508 SysMain - ok 21:16:16.0744 6508 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:16:16.0749 6508 TabletInputService - ok 21:16:16.0766 6508 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 21:16:16.0773 6508 TapiSrv - ok 21:16:16.0813 6508 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 21:16:16.0817 6508 TBS - ok 21:16:16.0892 6508 [ 40AF23633D197905F03AB5628C558C51 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:16:16.0912 6508 Tcpip - ok 21:16:16.0939 6508 [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:16:16.0951 6508 TCPIP6 - ok 21:16:16.0996 6508 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:16:16.0998 6508 tcpipreg - ok 21:16:17.0025 6508 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:16:17.0026 6508 TDPIPE - ok 21:16:17.0049 6508 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:16:17.0051 6508 TDTCP - ok 21:16:17.0072 6508 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:16:17.0075 6508 tdx - ok 21:16:17.0084 6508 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 21:16:17.0086 6508 TermDD - ok 21:16:17.0120 6508 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 21:16:17.0130 6508 TermService - ok 21:16:17.0147 6508 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 21:16:17.0152 6508 Themes - ok 21:16:17.0168 6508 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 21:16:17.0171 6508 THREADORDER - ok 21:16:17.0183 6508 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 21:16:17.0187 6508 TrkWks - ok 21:16:17.0239 6508 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:16:17.0242 6508 TrustedInstaller - ok 21:16:17.0280 6508 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:16:17.0282 6508 tssecsrv - ok 21:16:17.0309 6508 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:16:17.0311 6508 TsUsbFlt - ok 21:16:17.0328 6508 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:16:17.0329 6508 TsUsbGD - ok 21:16:17.0349 6508 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:16:17.0353 6508 tunnel - ok 21:16:17.0379 6508 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:16:17.0399 6508 uagp35 - ok 21:16:17.0421 6508 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:16:17.0434 6508 udfs - ok 21:16:17.0471 6508 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:16:17.0476 6508 UI0Detect - ok 21:16:17.0487 6508 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:16:17.0489 6508 uliagpkx - ok 21:16:17.0518 6508 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:16:17.0521 6508 umbus - ok 21:16:17.0552 6508 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 21:16:17.0554 6508 UmPass - ok 21:16:17.0578 6508 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 21:16:17.0585 6508 upnphost - ok 21:16:17.0616 6508 [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:16:17.0618 6508 usbccgp - ok 21:16:17.0631 6508 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:16:17.0633 6508 usbcir - ok 21:16:17.0652 6508 [ 18A85013A3E0F7E1755365D287443965 ] usbehci C:\Windows\system32\drivers\usbehci.sys 21:16:17.0654 6508 usbehci - ok 21:16:17.0677 6508 [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:16:17.0682 6508 usbhub - ok 21:16:17.0701 6508 [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci C:\Windows\system32\drivers\usbohci.sys 21:16:17.0703 6508 usbohci - ok 21:16:17.0725 6508 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 21:16:17.0727 6508 usbprint - ok 21:16:17.0745 6508 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:16:17.0747 6508 USBSTOR - ok 21:16:17.0776 6508 [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:16:17.0778 6508 usbuhci - ok 21:16:17.0820 6508 [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 21:16:17.0823 6508 usbvideo - ok 21:16:17.0846 6508 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 21:16:17.0851 6508 UxSms - ok 21:16:17.0875 6508 [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc C:\Windows\system32\lsass.exe 21:16:17.0878 6508 VaultSvc - ok 21:16:17.0900 6508 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:16:17.0902 6508 vdrvroot - ok 21:16:17.0927 6508 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 21:16:17.0937 6508 vds - ok 21:16:17.0965 6508 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:16:17.0967 6508 vga - ok 21:16:17.0981 6508 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 21:16:17.0983 6508 VgaSave - ok 21:16:18.0009 6508 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:16:18.0012 6508 vhdmp - ok 21:16:18.0041 6508 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 21:16:18.0043 6508 viaide - ok 21:16:18.0079 6508 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:16:18.0081 6508 volmgr - ok 21:16:18.0101 6508 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:16:18.0107 6508 volmgrx - ok 21:16:18.0130 6508 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:16:18.0134 6508 volsnap - ok 21:16:18.0157 6508 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:16:18.0160 6508 vsmraid - ok 21:16:18.0232 6508 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 21:16:18.0252 6508 VSS - ok 21:16:18.0286 6508 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 21:16:18.0288 6508 vwifibus - ok 21:16:18.0305 6508 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 21:16:18.0308 6508 vwififlt - ok 21:16:18.0349 6508 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 21:16:18.0358 6508 W32Time - ok 21:16:18.0385 6508 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:16:18.0387 6508 WacomPen - ok 21:16:18.0393 6508 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:16:18.0397 6508 WANARP - ok 21:16:18.0402 6508 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:16:18.0404 6508 Wanarpv6 - ok 21:16:18.0464 6508 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 21:16:18.0478 6508 WatAdminSvc - ok 21:16:18.0538 6508 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 21:16:18.0557 6508 wbengine - ok 21:16:18.0578 6508 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:16:18.0584 6508 WbioSrvc - ok 21:16:18.0608 6508 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:16:18.0616 6508 wcncsvc - ok 21:16:18.0647 6508 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:16:18.0652 6508 WcsPlugInService - ok 21:16:18.0677 6508 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 21:16:18.0678 6508 Wd - ok 21:16:18.0721 6508 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:16:18.0730 6508 Wdf01000 - ok 21:16:18.0746 6508 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:16:18.0751 6508 WdiServiceHost - ok 21:16:18.0756 6508 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:16:18.0761 6508 WdiSystemHost - ok 21:16:18.0796 6508 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\Windows\System32\webclnt.dll 21:16:18.0803 6508 WebClient - ok 21:16:18.0843 6508 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:16:18.0850 6508 Wecsvc - ok 21:16:18.0859 6508 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:16:18.0865 6508 wercplsupport - ok 21:16:18.0883 6508 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 21:16:18.0888 6508 WerSvc - ok 21:16:18.0915 6508 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:16:18.0916 6508 WfpLwf - ok 21:16:18.0935 6508 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:16:18.0936 6508 WIMMount - ok 21:16:18.0968 6508 WinDefend - ok 21:16:18.0975 6508 WinHttpAutoProxySvc - ok 21:16:19.0022 6508 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:16:19.0025 6508 Winmgmt - ok 21:16:19.0085 6508 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 21:16:19.0110 6508 WinRM - ok 21:16:19.0156 6508 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:16:19.0158 6508 WinUsb - ok 21:16:19.0192 6508 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 21:16:19.0202 6508 Wlansvc - ok 21:16:19.0233 6508 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 21:16:19.0235 6508 wlcrasvc - ok 21:16:19.0316 6508 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:16:19.0339 6508 wlidsvc - ok 21:16:19.0373 6508 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:16:19.0375 6508 WmiAcpi - ok 21:16:19.0417 6508 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:16:19.0420 6508 wmiApSrv - ok 21:16:19.0455 6508 WMPNetworkSvc - ok 21:16:19.0483 6508 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:16:19.0488 6508 WPCSvc - ok 21:16:19.0501 6508 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:16:19.0507 6508 WPDBusEnum - ok 21:16:19.0528 6508 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:16:19.0530 6508 ws2ifsl - ok 21:16:19.0536 6508 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 21:16:19.0541 6508 wscsvc - ok 21:16:19.0547 6508 WSearch - ok 21:16:19.0622 6508 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 21:16:19.0641 6508 wuauserv - ok 21:16:19.0672 6508 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:16:19.0674 6508 WudfPf - ok 21:16:19.0688 6508 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:16:19.0691 6508 WUDFRd - ok 21:16:19.0703 6508 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:16:19.0709 6508 wudfsvc - ok 21:16:19.0742 6508 [ 04F82965C09CBDF646B487E145060301 ] WwanSvc C:\Windows\System32\wwansvc.dll 21:16:19.0749 6508 WwanSvc - ok 21:16:19.0760 6508 ================ Scan global =============================== 21:16:19.0806 6508 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 21:16:19.0846 6508 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll 21:16:19.0857 6508 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll 21:16:19.0888 6508 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 21:16:19.0916 6508 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 21:16:19.0921 6508 [Global] - ok 21:16:19.0922 6508 ================ Scan MBR ================================== 21:16:19.0938 6508 [ C3C93F1CA51BBACBABEA804D2CC62CA1 ] \Device\Harddisk0\DR0 21:16:19.0938 6508 Suspicious mbr (Forged): \Device\Harddisk0\DR0 21:16:19.0992 6508 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected 21:16:19.0992 6508 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0) 21:16:19.0992 6508 ================ Scan VBR ================================== 21:16:19.0996 6508 [ 5D4E390FFF451DB24DA20AE32DD517C4 ] \Device\Harddisk0\DR0\Partition1 21:16:19.0997 6508 \Device\Harddisk0\DR0\Partition1 - ok 21:16:20.0005 6508 [ 209C31F802055ABE95109F1DB49143DC ] \Device\Harddisk0\DR0\Partition2 21:16:20.0007 6508 \Device\Harddisk0\DR0\Partition2 - ok 21:16:20.0035 6508 [ B6DBB97E5B76B359CD024E79D8E00344 ] \Device\Harddisk0\DR0\Partition3 21:16:20.0036 6508 \Device\Harddisk0\DR0\Partition3 - ok 21:16:20.0052 6508 [ 0A5BE981B0FFD8E59527DEB079BD397B ] \Device\Harddisk0\DR0\Partition4 21:16:20.0052 6508 \Device\Harddisk0\DR0\Partition4 - ok 21:16:20.0053 6508 ============================================================ 21:16:20.0053 6508 Scan finished 21:16:20.0053 6508 ============================================================ 21:16:20.0067 6768 Detected object count: 1 21:16:20.0067 6768 Actual detected object count: 1 21:16:42.0297 6768 \Device\Harddisk0\DR0\# - copied to quarantine 21:16:42.0299 6768 \Device\Harddisk0\DR0 - copied to quarantine 21:16:42.0318 6768 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Quarantine -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
TDSSKiller Log [Part 2] 19:37:06.0504 0x102c Modem - ok 19:37:06.0524 0x102c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 19:37:06.0524 0x102c monitor - ok 19:37:06.0554 0x102c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 19:37:06.0554 0x102c mouclass - ok 19:37:06.0564 0x102c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\drivers\mouhid.sys 19:37:06.0574 0x102c mouhid - ok 19:37:06.0594 0x102c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:37:06.0594 0x102c mountmgr - ok 19:37:06.0654 0x102c [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 19:37:06.0654 0x102c MozillaMaintenance - ok 19:37:06.0694 0x102c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 19:37:06.0704 0x102c mpio - ok 19:37:06.0724 0x102c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:37:06.0724 0x102c mpsdrv - ok 19:37:06.0784 0x102c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 19:37:06.0804 0x102c MpsSvc - ok 19:37:06.0844 0x102c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:37:06.0854 0x102c MRxDAV - ok 19:37:06.0884 0x102c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:37:06.0894 0x102c mrxsmb - ok 19:37:06.0924 0x102c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:37:06.0934 0x102c mrxsmb10 - ok 19:37:06.0944 0x102c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:37:06.0944 0x102c mrxsmb20 - ok 19:37:06.0974 0x102c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 19:37:06.0974 0x102c msahci - ok 19:37:07.0004 0x102c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 19:37:07.0004 0x102c msdsm - ok 19:37:07.0024 0x102c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 19:37:07.0034 0x102c MSDTC - ok 19:37:07.0064 0x102c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 19:37:07.0064 0x102c Msfs - ok 19:37:07.0084 0x102c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:37:07.0084 0x102c mshidkmdf - ok 19:37:07.0114 0x102c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 19:37:07.0124 0x102c msisadrv - ok 19:37:07.0154 0x102c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:37:07.0154 0x102c MSiSCSI - ok 19:37:07.0164 0x102c msiserver - ok 19:37:07.0184 0x102c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 19:37:07.0184 0x102c MSKSSRV - ok 19:37:07.0194 0x102c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 19:37:07.0204 0x102c MSPCLOCK - ok 19:37:07.0244 0x102c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 19:37:07.0244 0x102c MSPQM - ok 19:37:07.0294 0x102c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 19:37:07.0304 0x102c MsRPC - ok 19:37:07.0344 0x102c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 19:37:07.0344 0x102c mssmbios - ok 19:37:07.0364 0x102c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 19:37:07.0364 0x102c MSTEE - ok 19:37:07.0384 0x102c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 19:37:07.0384 0x102c MTConfig - ok 19:37:07.0404 0x102c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 19:37:07.0404 0x102c Mup - ok 19:37:07.0454 0x102c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 19:37:07.0464 0x102c napagent - ok 19:37:07.0494 0x102c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 19:37:07.0494 0x102c NativeWifiP - ok 19:37:07.0554 0x102c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 19:37:07.0584 0x102c NDIS - ok 19:37:07.0604 0x102c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 19:37:07.0604 0x102c NdisCap - ok 19:37:07.0628 0x102c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:37:07.0629 0x102c NdisTapi - ok 19:37:07.0646 0x102c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:37:07.0646 0x102c Ndisuio - ok 19:37:07.0656 0x102c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:37:07.0656 0x102c NdisWan - ok 19:37:07.0676 0x102c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 19:37:07.0686 0x102c NDProxy - ok 19:37:07.0696 0x102c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:37:07.0696 0x102c NetBIOS - ok 19:37:07.0716 0x102c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:37:07.0726 0x102c NetBT - ok 19:37:07.0756 0x102c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe 19:37:07.0756 0x102c Netlogon - ok 19:37:07.0806 0x102c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 19:37:07.0816 0x102c Netman - ok 19:37:07.0836 0x102c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 19:37:07.0856 0x102c netprofm - ok 19:37:07.0886 0x102c [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:37:07.0886 0x102c NetTcpPortSharing - ok 19:37:07.0906 0x102c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 19:37:07.0906 0x102c nfrd960 - ok 19:37:07.0946 0x102c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 19:37:07.0956 0x102c NlaSvc - ok 19:37:07.0986 0x102c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:37:07.0986 0x102c Npfs - ok 19:37:08.0016 0x102c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 19:37:08.0026 0x102c nsi - ok 19:37:08.0036 0x102c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:37:08.0046 0x102c nsiproxy - ok 19:37:08.0138 0x102c [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:37:08.0198 0x102c Ntfs - ok 19:37:08.0228 0x102c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 19:37:08.0228 0x102c Null - ok 19:37:08.0248 0x102c [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 19:37:08.0258 0x102c NVENETFD - ok 19:37:08.0278 0x102c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:37:08.0288 0x102c nvraid - ok 19:37:08.0318 0x102c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:37:08.0318 0x102c nvstor - ok 19:37:08.0358 0x102c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 19:37:08.0368 0x102c nv_agp - ok 19:37:08.0388 0x102c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 19:37:08.0388 0x102c ohci1394 - ok 19:37:08.0428 0x102c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:37:08.0428 0x102c ose - ok 19:37:08.0648 0x102c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 19:37:08.0818 0x102c osppsvc - ok 19:37:08.0868 0x102c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:37:08.0878 0x102c p2pimsvc - ok 19:37:08.0898 0x102c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 19:37:08.0918 0x102c p2psvc - ok 19:37:08.0928 0x102c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 19:37:08.0928 0x102c Parport - ok 19:37:08.0958 0x102c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 19:37:08.0968 0x102c partmgr - ok 19:37:08.0988 0x102c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 19:37:08.0998 0x102c PcaSvc - ok 19:37:09.0008 0x102c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 19:37:09.0008 0x102c pci - ok 19:37:09.0038 0x102c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 19:37:09.0038 0x102c pciide - ok 19:37:09.0068 0x102c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 19:37:09.0078 0x102c pcmcia - ok 19:37:09.0108 0x102c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 19:37:09.0108 0x102c pcw - ok 19:37:09.0148 0x102c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 19:37:09.0158 0x102c PEAUTH - ok 19:37:09.0238 0x102c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 19:37:09.0238 0x102c PerfHost - ok 19:37:09.0328 0x102c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 19:37:09.0368 0x102c pla - ok 19:37:09.0408 0x102c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 19:37:09.0418 0x102c PlugPlay - ok 19:37:09.0438 0x102c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 19:37:09.0438 0x102c PNRPAutoReg - ok 19:37:09.0468 0x102c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 19:37:09.0478 0x102c PNRPsvc - ok 19:37:09.0518 0x102c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 19:37:09.0528 0x102c PolicyAgent - ok 19:37:09.0568 0x102c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 19:37:09.0578 0x102c Power - ok 19:37:09.0608 0x102c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 19:37:09.0608 0x102c PptpMiniport - ok 19:37:09.0628 0x102c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 19:37:09.0628 0x102c Processor - ok 19:37:09.0668 0x102c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 19:37:09.0678 0x102c ProfSvc - ok 19:37:09.0698 0x102c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe 19:37:09.0698 0x102c ProtectedStorage - ok 19:37:09.0728 0x102c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 19:37:09.0728 0x102c Psched - ok 19:37:09.0808 0x102c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 19:37:09.0848 0x102c ql2300 - ok 19:37:09.0888 0x102c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 19:37:09.0888 0x102c ql40xx - ok 19:37:09.0918 0x102c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 19:37:09.0928 0x102c QWAVE - ok 19:37:09.0968 0x102c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 19:37:09.0968 0x102c QWAVEdrv - ok 19:37:09.0988 0x102c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 19:37:09.0988 0x102c RasAcd - ok 19:37:10.0008 0x102c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 19:37:10.0018 0x102c RasAgileVpn - ok 19:37:10.0038 0x102c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 19:37:10.0038 0x102c RasAuto - ok 19:37:10.0048 0x102c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 19:37:10.0058 0x102c Rasl2tp - ok 19:37:10.0088 0x102c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 19:37:10.0098 0x102c RasMan - ok 19:37:10.0108 0x102c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 19:37:10.0108 0x102c RasPppoe - ok 19:37:10.0128 0x102c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 19:37:10.0128 0x102c RasSstp - ok 19:37:10.0168 0x102c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 19:37:10.0178 0x102c rdbss - ok 19:37:10.0198 0x102c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 19:37:10.0198 0x102c rdpbus - ok 19:37:10.0218 0x102c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 19:37:10.0218 0x102c RDPCDD - ok 19:37:10.0228 0x102c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 19:37:10.0228 0x102c RDPENCDD - ok 19:37:10.0238 0x102c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 19:37:10.0238 0x102c RDPREFMP - ok 19:37:10.0278 0x102c [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 19:37:10.0278 0x102c RDPWD - ok 19:37:10.0308 0x102c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 19:37:10.0318 0x102c rdyboost - ok 19:37:10.0358 0x102c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 19:37:10.0368 0x102c RemoteAccess - ok 19:37:10.0398 0x102c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 19:37:10.0408 0x102c RemoteRegistry - ok 19:37:10.0448 0x102c [ 085D18C71AB2611A3D61528132B6501E, 2AD2DD88EBD8C498E3043CDAA37E83C69F7FE2FD6B65524F631527555B80C112 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe 19:37:10.0468 0x102c RoxioNow Service - ok 19:37:10.0488 0x102c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 19:37:10.0488 0x102c RpcEptMapper - ok 19:37:10.0508 0x102c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 19:37:10.0518 0x102c RpcLocator - ok 19:37:10.0558 0x102c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 19:37:10.0568 0x102c RpcSs - ok 19:37:10.0658 0x102c [ 7BFDFD1D2244B444D7BBC55087426518, 06DF03A734A8A1956C842E30B4A1F143CD59B2DD09E0F8F01E6B4CE2A3D1D418 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 19:37:10.0668 0x102c RSPCIESTOR - ok 19:37:10.0698 0x102c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 19:37:10.0708 0x102c rspndr - ok 19:37:10.0768 0x102c [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 19:37:10.0778 0x102c RtkAudioService - ok 19:37:10.0868 0x102c [ AC4CA62572CA516945AB92D6C9F501F4, 6CB4178DD1ED3D8224EA1F91CAA00AFBC756DCA2DFD71F399B05E511E79D5150 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 19:37:10.0888 0x102c RTL8167 - ok 19:37:10.0978 0x102c [ 177963A6EEBAA9EF3B56A2DBE9D5D0FC, 908E71F2F2CB6595B2E14EF6BB526114CFFBBFCB1D6AB6672DE9917F4C515419 ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys 19:37:11.0008 0x102c RTL8192Ce - ok 19:37:11.0028 0x102c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe 19:37:11.0028 0x102c SamSs - ok 19:37:11.0068 0x102c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 19:37:11.0068 0x102c sbp2port - ok 19:37:11.0108 0x102c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 19:37:11.0118 0x102c SCardSvr - ok 19:37:11.0138 0x102c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 19:37:11.0138 0x102c scfilter - ok 19:37:11.0188 0x102c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 19:37:11.0228 0x102c Schedule - ok 19:37:11.0258 0x102c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 19:37:11.0258 0x102c SCPolicySvc - ok 19:37:11.0278 0x102c [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 19:37:11.0278 0x102c sdbus - ok 19:37:11.0308 0x102c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 19:37:11.0318 0x102c SDRSVC - ok 19:37:11.0338 0x102c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 19:37:11.0338 0x102c secdrv - ok 19:37:11.0358 0x102c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 19:37:11.0358 0x102c seclogon - ok 19:37:11.0378 0x102c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 19:37:11.0388 0x102c SENS - ok 19:37:11.0398 0x102c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 19:37:11.0398 0x102c SensrSvc - ok 19:37:11.0418 0x102c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 19:37:11.0418 0x102c Serenum - ok 19:37:11.0438 0x102c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 19:37:11.0448 0x102c Serial - ok 19:37:11.0478 0x102c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 19:37:11.0478 0x102c sermouse - ok 19:37:11.0518 0x102c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 19:37:11.0528 0x102c SessionEnv - ok 19:37:11.0558 0x102c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 19:37:11.0558 0x102c sffdisk - ok 19:37:11.0578 0x102c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 19:37:11.0578 0x102c sffp_mmc - ok 19:37:11.0608 0x102c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 19:37:11.0608 0x102c sffp_sd - ok 19:37:11.0618 0x102c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 19:37:11.0618 0x102c sfloppy - ok 19:37:11.0668 0x102c [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 19:37:11.0688 0x102c Sftfs - ok 19:37:11.0768 0x102c [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 19:37:11.0778 0x102c sftlist - ok 19:37:11.0818 0x102c [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 19:37:11.0828 0x102c Sftplay - ok 19:37:11.0858 0x102c [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 19:37:11.0858 0x102c Sftredir - ok 19:37:11.0878 0x102c [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 19:37:11.0878 0x102c Sftvol - ok 19:37:11.0918 0x102c [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 19:37:11.0918 0x102c sftvsa - ok 19:37:11.0968 0x102c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 19:37:11.0978 0x102c SharedAccess - ok 19:37:12.0028 0x102c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 19:37:12.0038 0x102c ShellHWDetection - ok 19:37:12.0068 0x102c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 19:37:12.0068 0x102c SiSRaid2 - ok 19:37:12.0098 0x102c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 19:37:12.0108 0x102c SiSRaid4 - ok 19:37:12.0128 0x102c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 19:37:12.0128 0x102c Smb - ok 19:37:12.0158 0x102c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 19:37:12.0168 0x102c SNMPTRAP - ok 19:37:12.0178 0x102c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 19:37:12.0178 0x102c spldr - ok 19:37:12.0208 0x102c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 19:37:12.0228 0x102c Spooler - ok 19:37:12.0368 0x102c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 19:37:12.0438 0x102c sppsvc - ok 19:37:12.0468 0x102c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 19:37:12.0478 0x102c sppuinotify - ok 19:37:12.0508 0x102c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 19:37:12.0528 0x102c srv - ok 19:37:12.0548 0x102c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 19:37:12.0558 0x102c srv2 - ok 19:37:12.0618 0x102c [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 19:37:12.0628 0x102c SrvHsfHDA - ok 19:37:12.0698 0x102c [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 19:37:12.0738 0x102c SrvHsfV92 - ok 19:37:12.0788 0x102c [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 19:37:12.0808 0x102c SrvHsfWinac - ok 19:37:12.0838 0x102c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 19:37:12.0848 0x102c srvnet - ok 19:37:12.0878 0x102c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 19:37:12.0888 0x102c SSDPSRV - ok 19:37:12.0908 0x102c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 19:37:12.0908 0x102c SstpSvc - ok 19:37:12.0928 0x102c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 19:37:12.0938 0x102c stexstor - ok 19:37:12.0978 0x102c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 19:37:12.0998 0x102c stisvc - ok 19:37:13.0028 0x102c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 19:37:13.0028 0x102c swenum - ok 19:37:13.0078 0x102c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 19:37:13.0088 0x102c swprv - ok 19:37:13.0138 0x102c [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 19:37:13.0148 0x102c SynTP - ok 19:37:13.0228 0x102c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 19:37:13.0268 0x102c SysMain - ok 19:37:13.0308 0x102c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 19:37:13.0318 0x102c TabletInputService - ok 19:37:13.0348 0x102c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 19:37:13.0358 0x102c TapiSrv - ok 19:37:13.0378 0x102c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 19:37:13.0388 0x102c TBS - ok 19:37:13.0488 0x102c [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys 19:37:13.0538 0x102c Tcpip - ok 19:37:13.0608 0x102c [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 19:37:13.0658 0x102c TCPIP6 - ok 19:37:13.0698 0x102c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 19:37:13.0698 0x102c tcpipreg - ok 19:37:13.0728 0x102c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 19:37:13.0728 0x102c TDPIPE - ok 19:37:13.0748 0x102c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 19:37:13.0748 0x102c TDTCP - ok 19:37:13.0778 0x102c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 19:37:13.0778 0x102c tdx - ok 19:37:13.0798 0x102c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 19:37:13.0798 0x102c TermDD - ok 19:37:13.0838 0x102c [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 19:37:13.0858 0x102c TermService - ok 19:37:13.0878 0x102c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 19:37:13.0888 0x102c Themes - ok 19:37:13.0898 0x102c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 19:37:13.0908 0x102c THREADORDER - ok 19:37:13.0928 0x102c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 19:37:13.0938 0x102c TrkWks - ok 19:37:13.0988 0x102c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 19:37:13.0988 0x102c TrustedInstaller - ok 19:37:14.0038 0x102c [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 19:37:14.0038 0x102c tssecsrv - ok 19:37:14.0078 0x102c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 19:37:14.0078 0x102c TsUsbFlt - ok 19:37:14.0098 0x102c [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 19:37:14.0098 0x102c TsUsbGD - ok 19:37:14.0118 0x102c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 19:37:14.0118 0x102c tunnel - ok 19:37:14.0148 0x102c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 19:37:14.0148 0x102c uagp35 - ok 19:37:14.0178 0x102c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:37:14.0188 0x102c udfs - ok 19:37:14.0228 0x102c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 19:37:14.0228 0x102c UI0Detect - ok 19:37:14.0258 0x102c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 19:37:14.0258 0x102c uliagpkx - ok 19:37:14.0288 0x102c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 19:37:14.0288 0x102c umbus - ok 19:37:14.0318 0x102c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 19:37:14.0318 0x102c UmPass - ok 19:37:14.0348 0x102c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 19:37:14.0358 0x102c upnphost - ok 19:37:14.0398 0x102c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 19:37:14.0398 0x102c usbccgp - ok 19:37:14.0418 0x102c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 19:37:14.0428 0x102c usbcir - ok 19:37:14.0438 0x102c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 19:37:14.0438 0x102c usbehci - ok 19:37:14.0468 0x102c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 19:37:14.0478 0x102c usbhub - ok 19:37:14.0498 0x102c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 19:37:14.0498 0x102c usbohci - ok 19:37:14.0528 0x102c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 19:37:14.0528 0x102c usbprint - ok 19:37:14.0548 0x102c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:37:14.0548 0x102c USBSTOR - ok 19:37:14.0588 0x102c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 19:37:14.0588 0x102c usbuhci - ok 19:37:14.0628 0x102c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 19:37:14.0638 0x102c usbvideo - ok 19:37:14.0668 0x102c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 19:37:14.0668 0x102c UxSms - ok 19:37:14.0698 0x102c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe 19:37:14.0698 0x102c VaultSvc - ok 19:37:14.0728 0x102c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 19:37:14.0738 0x102c vdrvroot - ok 19:37:14.0768 0x102c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 19:37:14.0788 0x102c vds - ok 19:37:14.0818 0x102c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 19:37:14.0818 0x102c vga - ok 19:37:14.0848 0x102c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 19:37:14.0848 0x102c VgaSave - ok 19:37:14.0878 0x102c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 19:37:14.0888 0x102c vhdmp - ok 19:37:14.0918 0x102c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 19:37:14.0918 0x102c viaide - ok 19:37:14.0968 0x102c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:37:14.0968 0x102c volmgr - ok 19:37:15.0008 0x102c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:37:15.0018 0x102c volmgrx - ok 19:37:15.0048 0x102c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:37:15.0048 0x102c volsnap - ok 19:37:15.0078 0x102c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 19:37:15.0088 0x102c vsmraid - ok 19:37:15.0168 0x102c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 19:37:15.0208 0x102c VSS - ok 19:37:15.0238 0x102c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 19:37:15.0238 0x102c vwifibus - ok 19:37:15.0258 0x102c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 19:37:15.0268 0x102c vwififlt - ok 19:37:15.0298 0x102c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 19:37:15.0308 0x102c W32Time - ok 19:37:15.0328 0x102c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 19:37:15.0328 0x102c WacomPen - ok 19:37:15.0338 0x102c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 19:37:15.0348 0x102c WANARP - ok 19:37:15.0348 0x102c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:37:15.0358 0x102c Wanarpv6 - ok 19:37:15.0428 0x102c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 19:37:15.0458 0x102c WatAdminSvc - ok 19:37:15.0538 0x102c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 19:37:15.0578 0x102c wbengine - ok 19:37:15.0598 0x102c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:37:15.0608 0x102c WbioSrvc - ok 19:37:15.0638 0x102c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:37:15.0648 0x102c wcncsvc - ok 19:37:15.0678 0x102c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:37:15.0688 0x102c WcsPlugInService - ok 19:37:15.0708 0x102c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 19:37:15.0708 0x102c Wd - ok 19:37:15.0768 0x102c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:37:15.0788 0x102c Wdf01000 - ok 19:37:15.0798 0x102c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:37:15.0808 0x102c WdiServiceHost - ok 19:37:15.0818 0x102c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:37:15.0818 0x102c WdiSystemHost - ok 19:37:15.0868 0x102c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 19:37:15.0878 0x102c WebClient - ok 19:37:15.0918 0x102c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:37:15.0928 0x102c Wecsvc - ok 19:37:15.0948 0x102c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:37:15.0958 0x102c wercplsupport - ok 19:37:15.0968 0x102c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 19:37:15.0978 0x102c WerSvc - ok 19:37:15.0998 0x102c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 19:37:16.0008 0x102c WfpLwf - ok 19:37:16.0018 0x102c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:37:16.0028 0x102c WIMMount - ok 19:37:16.0058 0x102c WinDefend - ok 19:37:16.0058 0x102c WinHttpAutoProxySvc - ok 19:37:16.0118 0x102c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:37:16.0118 0x102c Winmgmt - ok 19:37:16.0218 0x102c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 19:37:16.0268 0x102c WinRM - ok 19:37:16.0328 0x102c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 19:37:16.0338 0x102c WinUsb - ok 19:37:16.0378 0x102c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 19:37:16.0408 0x102c Wlansvc - ok 19:37:16.0448 0x102c [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 19:37:16.0448 0x102c wlcrasvc - ok 19:37:16.0558 0x102c [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:37:16.0618 0x102c wlidsvc - ok 19:37:16.0658 0x102c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 19:37:16.0658 0x102c WmiAcpi - ok 19:37:16.0708 0x102c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:37:16.0718 0x102c wmiApSrv - ok 19:37:16.0758 0x102c WMPNetworkSvc - ok 19:37:16.0778 0x102c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:37:16.0788 0x102c WPCSvc - ok 19:37:16.0798 0x102c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:37:16.0808 0x102c WPDBusEnum - ok 19:37:16.0838 0x102c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:37:16.0838 0x102c ws2ifsl - ok 19:37:16.0858 0x102c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 19:37:16.0858 0x102c wscsvc - ok 19:37:16.0868 0x102c WSearch - ok 19:37:16.0978 0x102c [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 19:37:17.0038 0x102c wuauserv - ok 19:37:17.0068 0x102c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:37:17.0078 0x102c WudfPf - ok 19:37:17.0098 0x102c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:37:17.0108 0x102c WUDFRd - ok 19:37:17.0128 0x102c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:37:17.0128 0x102c wudfsvc - ok 19:37:17.0168 0x102c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 19:37:17.0178 0x102c WwanSvc - ok 19:37:17.0188 0x102c ================ Scan global =============================== 19:37:17.0238 0x102c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 19:37:17.0278 0x102c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 19:37:17.0298 0x102c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 19:37:17.0328 0x102c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 19:37:17.0378 0x102c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 19:37:17.0388 0x102c [ Global ] - ok 19:37:17.0388 0x102c ================ Scan MBR ================================== 19:37:17.0398 0x102c [ C3C93F1CA51BBACBABEA804D2CC62CA1 ] \Device\Harddisk0\DR0 19:37:17.0398 0x102c Suspicious mbr (Forged): \Device\Harddisk0\DR0 19:37:17.0508 0x102c \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a ( 0 ) 19:37:17.0508 0x102c \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected 19:37:30.0500 0x102c ================ Scan VBR ================================== 19:37:30.0830 0x102c [ 5D4E390FFF451DB24DA20AE32DD517C4 ] \Device\Harddisk0\DR0\Partition1 19:37:30.0840 0x102c \Device\Harddisk0\DR0\Partition1 - ok 19:37:30.0850 0x102c [ 209C31F802055ABE95109F1DB49143DC ] \Device\Harddisk0\DR0\Partition2 19:37:30.0850 0x102c \Device\Harddisk0\DR0\Partition2 - ok 19:37:30.0880 0x102c [ B6DBB97E5B76B359CD024E79D8E00344 ] \Device\Harddisk0\DR0\Partition3 19:37:30.0880 0x102c \Device\Harddisk0\DR0\Partition3 - ok 19:37:30.0890 0x102c [ 0A5BE981B0FFD8E59527DEB079BD397B ] \Device\Harddisk0\DR0\Partition4 19:37:30.0900 0x102c \Device\Harddisk0\DR0\Partition4 - ok 19:37:31.0100 0x102c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2016.330 ), 0x41000 ( enabled : updated ) 19:37:31.0230 0x102c Win FW state via NFP2: enabled 19:37:33.0822 0x102c ============================================================ 19:37:33.0822 0x102c Scan finished 19:37:33.0822 0x102c ============================================================ 19:37:33.0842 0x0d40 Detected object count: 1 19:37:33.0842 0x0d40 Actual detected object count: 1 19:38:16.0764 0x0d40 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - skipped by user 19:38:16.0764 0x0d40 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Skip 19:40:09.0771 0x02d0 Deinitialize success -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
TDSSKiller Log [Part 1] 19:36:25.0289 0x0990 TDSS rootkit removing tool 3.0.0.30 Apr 7 2014 15:39:12 19:36:31.0324 0x0990 ============================================================ 19:36:31.0324 0x0990 Current date / time: 2014/04/07 19:36:31.0324 19:36:31.0324 0x0990 SystemInfo: 19:36:31.0324 0x0990 19:36:31.0324 0x0990 OS Version: 6.1.7601 ServicePack: 1.0 19:36:31.0324 0x0990 Product type: Workstation 19:36:31.0325 0x0990 ComputerName: WALMART-HP 19:36:31.0325 0x0990 UserName: walmart 19:36:31.0325 0x0990 Windows directory: C:\Windows 19:36:31.0325 0x0990 System windows directory: C:\Windows 19:36:31.0325 0x0990 Running under WOW64 19:36:31.0326 0x0990 Processor architecture: Intel x64 19:36:31.0326 0x0990 Number of processors: 2 19:36:31.0326 0x0990 Page size: 0x1000 19:36:31.0326 0x0990 Boot type: Normal boot 19:36:31.0326 0x0990 ============================================================ 19:36:31.0532 0x0990 KLMD registered as C:\Windows\system32\drivers\94077039.sys 19:36:32.0058 0x0990 System UUID: {F2E90BC9-A548-FF9E-AC89-A246D26B8FE3} 19:36:33.0052 0x0990 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:36:33.0059 0x0990 ============================================================ 19:36:33.0059 0x0990 \Device\Harddisk0\DR0: 19:36:33.0059 0x0990 MBR partitions: 19:36:33.0059 0x0990 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 19:36:33.0059 0x0990 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800 19:36:33.0059 0x0990 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000 19:36:33.0059 0x0990 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0 19:36:33.0059 0x0990 ============================================================ 19:36:33.0087 0x0990 C: <-> \Device\Harddisk0\DR0\Partition2 19:36:33.0131 0x0990 D: <-> \Device\Harddisk0\DR0\Partition3 19:36:33.0144 0x0990 F: <-> \Device\Harddisk0\DR0\Partition4 19:36:33.0144 0x0990 ============================================================ 19:36:33.0144 0x0990 Initialize success 19:36:33.0144 0x0990 ============================================================ 19:36:53.0694 0x102c ============================================================ 19:36:53.0694 0x102c Scan started 19:36:53.0694 0x102c Mode: Manual; 19:36:53.0694 0x102c ============================================================ 19:36:53.0694 0x102c KSN ping started 19:36:56.0224 0x102c KSN ping finished: true 19:36:56.0794 0x102c ================ Scan system memory ======================== 19:36:56.0794 0x102c System memory - ok 19:36:56.0794 0x102c ================ Scan services ============================= 19:36:56.0974 0x102c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 19:36:56.0984 0x102c 1394ohci - ok 19:36:57.0064 0x102c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 19:36:57.0074 0x102c ACPI - ok 19:36:57.0114 0x102c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 19:36:57.0124 0x102c AcpiPmi - ok 19:36:57.0214 0x102c [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 19:36:57.0224 0x102c AdobeFlashPlayerUpdateSvc - ok 19:36:57.0294 0x102c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 19:36:57.0304 0x102c adp94xx - ok 19:36:57.0354 0x102c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 19:36:57.0364 0x102c adpahci - ok 19:36:57.0394 0x102c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 19:36:57.0404 0x102c adpu320 - ok 19:36:57.0444 0x102c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 19:36:57.0444 0x102c AeLookupSvc - ok 19:36:57.0514 0x102c [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 19:36:57.0514 0x102c AERTFilters - ok 19:36:57.0564 0x102c [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys 19:36:57.0574 0x102c AFD - ok 19:36:57.0614 0x102c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 19:36:57.0624 0x102c agp440 - ok 19:36:57.0644 0x102c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 19:36:57.0654 0x102c ALG - ok 19:36:57.0674 0x102c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 19:36:57.0674 0x102c aliide - ok 19:36:57.0684 0x102c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 19:36:57.0684 0x102c amdide - ok 19:36:57.0714 0x102c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 19:36:57.0714 0x102c AmdK8 - ok 19:36:57.0734 0x102c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 19:36:57.0744 0x102c AmdPPM - ok 19:36:57.0774 0x102c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 19:36:57.0784 0x102c amdsata - ok 19:36:57.0804 0x102c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 19:36:57.0814 0x102c amdsbs - ok 19:36:57.0824 0x102c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 19:36:57.0824 0x102c amdxata - ok 19:36:57.0854 0x102c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 19:36:57.0854 0x102c AppID - ok 19:36:57.0894 0x102c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 19:36:57.0894 0x102c AppIDSvc - ok 19:36:57.0934 0x102c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 19:36:57.0934 0x102c Appinfo - ok 19:36:57.0964 0x102c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 19:36:57.0964 0x102c arc - ok 19:36:57.0994 0x102c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 19:36:57.0994 0x102c arcsas - ok 19:36:58.0054 0x102c [ 8BE618EB795A87DBFD1E09DA63F009C7, 87443A8DB2B4CA4CCA280E0BBB3EAFBD218F7B0B6485C304CAA6B0BFDCBEB3EC ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 19:36:58.0054 0x102c aswMonFlt - ok 19:36:58.0116 0x102c [ D4259F75734EBCC8D815753B09EB2F0A, 93E06432F3E74B4CE606F4BECB80D11580FB72832630164427F36BD62C467103 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys 19:36:58.0116 0x102c aswRdr - ok 19:36:58.0146 0x102c [ 8D4B8BF93C65BDBC133B20706A3B5208, BBCC103F722434DE38FD4D3DF8D543478405E139C5923B0EDFBA80A6C2762AB2 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 19:36:58.0146 0x102c aswRvrt - ok 19:36:58.0216 0x102c [ AA0D1B47BE967E1E17301DDFB66C432C, 0283A503D9875C7D51288FAD28BC3F44E4637EDBBBFD968E51D4D505E3AE97B1 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 19:36:58.0246 0x102c aswSnx - ok 19:36:58.0286 0x102c [ 15C6B7D20EE0E44A4DF82183A89CCFC2, 8CCE561CF25A6ED686DDD15C6041B29A82EF52247AFAD937EA5ADBA61C6A18AF ] aswSP C:\Windows\system32\drivers\aswSP.sys 19:36:58.0306 0x102c aswSP - ok 19:36:58.0346 0x102c [ 81FA56F29440406A7264CBD7B1C7CB29, 704FAC64596D949C2F83AEE9E3B235CB3E9240EEF310361691CB213A30341141 ] aswStm C:\Windows\system32\drivers\aswStm.sys 19:36:58.0356 0x102c aswStm - ok 19:36:58.0376 0x102c [ 0606875650850B0697D662934529F6FC, BC0D7B83888F88966F2DFC0BC26D038290FFBA83079DC7C3B67272557DA3E25D ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 19:36:58.0376 0x102c aswVmm - ok 19:36:58.0396 0x102c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 19:36:58.0396 0x102c AsyncMac - ok 19:36:58.0426 0x102c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 19:36:58.0426 0x102c atapi - ok 19:36:58.0466 0x102c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 19:36:58.0486 0x102c AudioEndpointBuilder - ok 19:36:58.0506 0x102c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 19:36:58.0526 0x102c AudioSrv - ok 19:36:58.0666 0x102c [ BEA8D0FA8805CC2E6BB49728166699C7, 9A574A1E79DC2D472877443A92ACDA57A1206A2DAB3AF9110C844944EDC9D797 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 19:36:58.0666 0x102c avast! Antivirus - ok 19:36:58.0696 0x102c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 19:36:58.0696 0x102c AxInstSV - ok 19:36:58.0746 0x102c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 19:36:58.0766 0x102c b06bdrv - ok 19:36:58.0796 0x102c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 19:36:58.0806 0x102c b57nd60a - ok 19:36:58.0876 0x102c [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 19:36:58.0906 0x102c BCM43XX - ok 19:36:58.0936 0x102c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 19:36:58.0946 0x102c BDESVC - ok 19:36:58.0956 0x102c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 19:36:58.0956 0x102c Beep - ok 19:36:58.0996 0x102c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 19:36:59.0016 0x102c BFE - ok 19:36:59.0066 0x102c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 19:36:59.0096 0x102c BITS - ok 19:36:59.0126 0x102c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 19:36:59.0126 0x102c blbdrive - ok 19:36:59.0156 0x102c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 19:36:59.0156 0x102c bowser - ok 19:36:59.0186 0x102c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 19:36:59.0186 0x102c BrFiltLo - ok 19:36:59.0206 0x102c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 19:36:59.0206 0x102c BrFiltUp - ok 19:36:59.0236 0x102c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 19:36:59.0246 0x102c Browser - ok 19:36:59.0276 0x102c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 19:36:59.0286 0x102c Brserid - ok 19:36:59.0306 0x102c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 19:36:59.0316 0x102c BrSerWdm - ok 19:36:59.0346 0x102c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 19:36:59.0346 0x102c BrUsbMdm - ok 19:36:59.0376 0x102c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 19:36:59.0386 0x102c BrUsbSer - ok 19:36:59.0406 0x102c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 19:36:59.0416 0x102c BTHMODEM - ok 19:36:59.0446 0x102c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 19:36:59.0446 0x102c bthserv - ok 19:36:59.0476 0x102c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 19:36:59.0486 0x102c cdfs - ok 19:36:59.0506 0x102c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 19:36:59.0516 0x102c cdrom - ok 19:36:59.0536 0x102c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 19:36:59.0536 0x102c CertPropSvc - ok 19:36:59.0546 0x102c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 19:36:59.0556 0x102c circlass - ok 19:36:59.0586 0x102c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 19:36:59.0596 0x102c CLFS - ok 19:36:59.0666 0x102c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:36:59.0676 0x102c clr_optimization_v2.0.50727_32 - ok 19:36:59.0706 0x102c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 19:36:59.0716 0x102c clr_optimization_v2.0.50727_64 - ok 19:36:59.0766 0x102c [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:36:59.0796 0x102c clr_optimization_v4.0.30319_32 - ok 19:36:59.0826 0x102c [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 19:36:59.0836 0x102c clr_optimization_v4.0.30319_64 - ok 19:36:59.0866 0x102c [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys 19:36:59.0866 0x102c clwvd - ok 19:36:59.0896 0x102c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 19:36:59.0896 0x102c CmBatt - ok 19:36:59.0926 0x102c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 19:36:59.0936 0x102c cmdide - ok 19:36:59.0976 0x102c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 19:36:59.0996 0x102c CNG - ok 19:37:00.0016 0x102c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 19:37:00.0016 0x102c Compbatt - ok 19:37:00.0036 0x102c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 19:37:00.0046 0x102c CompositeBus - ok 19:37:00.0046 0x102c COMSysApp - ok 19:37:00.0066 0x102c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 19:37:00.0076 0x102c crcdisk - ok 19:37:00.0116 0x102c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:37:00.0116 0x102c CryptSvc - ok 19:37:00.0276 0x102c [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 19:37:00.0286 0x102c cvhsvc - ok 19:37:00.0346 0x102c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 19:37:00.0356 0x102c DcomLaunch - ok 19:37:00.0396 0x102c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 19:37:00.0406 0x102c defragsvc - ok 19:37:00.0436 0x102c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 19:37:00.0436 0x102c DfsC - ok 19:37:00.0466 0x102c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 19:37:00.0476 0x102c Dhcp - ok 19:37:00.0486 0x102c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 19:37:00.0496 0x102c discache - ok 19:37:00.0536 0x102c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 19:37:00.0536 0x102c Disk - ok 19:37:00.0576 0x102c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:37:00.0576 0x102c Dnscache - ok 19:37:00.0620 0x102c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 19:37:00.0628 0x102c dot3svc - ok 19:37:00.0648 0x102c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 19:37:00.0658 0x102c DPS - ok 19:37:00.0698 0x102c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:37:00.0698 0x102c drmkaud - ok 19:37:00.0768 0x102c [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:37:00.0798 0x102c DXGKrnl - ok 19:37:00.0848 0x102c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 19:37:00.0858 0x102c EapHost - ok 19:37:00.0998 0x102c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 19:37:01.0088 0x102c ebdrv - ok 19:37:01.0128 0x102c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe 19:37:01.0128 0x102c EFS - ok 19:37:01.0208 0x102c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:37:01.0218 0x102c ehRecvr - ok 19:37:01.0258 0x102c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 19:37:01.0258 0x102c ehSched - ok 19:37:01.0308 0x102c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 19:37:01.0328 0x102c elxstor - ok 19:37:01.0358 0x102c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 19:37:01.0368 0x102c ErrDev - ok 19:37:01.0418 0x102c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 19:37:01.0428 0x102c EventSystem - ok 19:37:01.0448 0x102c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 19:37:01.0458 0x102c exfat - ok 19:37:01.0498 0x102c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 19:37:01.0498 0x102c fastfat - ok 19:37:01.0528 0x102c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 19:37:01.0548 0x102c Fax - ok 19:37:01.0568 0x102c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 19:37:01.0568 0x102c fdc - ok 19:37:01.0598 0x102c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 19:37:01.0608 0x102c fdPHost - ok 19:37:01.0618 0x102c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 19:37:01.0618 0x102c FDResPub - ok 19:37:01.0648 0x102c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 19:37:01.0648 0x102c FileInfo - ok 19:37:01.0658 0x102c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 19:37:01.0658 0x102c Filetrace - ok 19:37:01.0668 0x102c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 19:37:01.0668 0x102c flpydisk - ok 19:37:01.0698 0x102c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 19:37:01.0708 0x102c FltMgr - ok 19:37:01.0778 0x102c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 19:37:01.0808 0x102c FontCache - ok 19:37:01.0858 0x102c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:37:01.0868 0x102c FontCache3.0.0.0 - ok 19:37:01.0888 0x102c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 19:37:01.0888 0x102c FsDepends - ok 19:37:01.0918 0x102c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 19:37:01.0918 0x102c Fs_Rec - ok 19:37:01.0958 0x102c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 19:37:01.0958 0x102c fvevol - ok 19:37:01.0988 0x102c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 19:37:01.0988 0x102c gagp30kx - ok 19:37:02.0038 0x102c [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 19:37:02.0038 0x102c GameConsoleService - ok 19:37:02.0098 0x102c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 19:37:02.0118 0x102c gpsvc - ok 19:37:02.0178 0x102c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:37:02.0178 0x102c gupdate - ok 19:37:02.0188 0x102c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:37:02.0188 0x102c gupdatem - ok 19:37:02.0208 0x102c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 19:37:02.0208 0x102c hcw85cir - ok 19:37:02.0238 0x102c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 19:37:02.0248 0x102c HdAudAddService - ok 19:37:02.0278 0x102c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 19:37:02.0288 0x102c HDAudBus - ok 19:37:02.0308 0x102c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 19:37:02.0308 0x102c HidBatt - ok 19:37:02.0328 0x102c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 19:37:02.0328 0x102c HidBth - ok 19:37:02.0358 0x102c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 19:37:02.0358 0x102c HidIr - ok 19:37:02.0378 0x102c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 19:37:02.0388 0x102c hidserv - ok 19:37:02.0418 0x102c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 19:37:02.0418 0x102c HidUsb - ok 19:37:02.0458 0x102c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 19:37:02.0458 0x102c hkmsvc - ok 19:37:02.0478 0x102c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 19:37:02.0488 0x102c HomeGroupListener - ok 19:37:02.0518 0x102c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 19:37:02.0528 0x102c HomeGroupProvider - ok 19:37:02.0588 0x102c [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 19:37:02.0588 0x102c HP Support Assistant Service - ok 19:37:02.0638 0x102c [ C930128C8F8FF03D8F8C42B570920D56, 6D44373F466A580EFB9866FA4FACB4951C522893C2A1877ED0E462460B90E241 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe 19:37:02.0638 0x102c HP Wireless Assistant Service - ok 19:37:02.0678 0x102c [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 19:37:02.0688 0x102c HPClientSvc - ok 19:37:02.0768 0x102c [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 19:37:02.0788 0x102c hpqwmiex - ok 19:37:02.0818 0x102c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 19:37:02.0818 0x102c HpSAMD - ok 19:37:02.0878 0x102c [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 19:37:02.0878 0x102c HPWMISVC - ok 19:37:02.0928 0x102c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 19:37:02.0948 0x102c HTTP - ok 19:37:02.0968 0x102c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 19:37:02.0968 0x102c hwpolicy - ok 19:37:03.0006 0x102c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 19:37:03.0010 0x102c i8042prt - ok 19:37:03.0050 0x102c [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 19:37:03.0060 0x102c iaStor - ok 19:37:03.0110 0x102c [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 19:37:03.0110 0x102c IAStorDataMgrSvc - ok 19:37:03.0150 0x102c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 19:37:03.0160 0x102c iaStorV - ok 19:37:03.0410 0x102c [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 19:37:03.0460 0x102c IconMan_R - ok 19:37:03.0550 0x102c [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:37:03.0570 0x102c idsvc - ok 19:37:03.0610 0x102c IEEtwCollectorService - ok 19:37:04.0052 0x102c [ 8814F0B9A09C647D3D7BE735450E7B4C, E82AD0DC556AE7663C1A5CE75DA3619E1614BC88F52558496FF0D569DE04E1CA ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 19:37:04.0432 0x102c igfx - ok 19:37:04.0502 0x102c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 19:37:04.0512 0x102c iirsp - ok 19:37:04.0562 0x102c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 19:37:04.0592 0x102c IKEEXT - ok 19:37:04.0764 0x102c [ ECA5E9DA350D2D21376260CD3602449A, B027FE77062488B8FC0EEE2113341DD922CE1BD741DF4F5D92DCCDC2E2C18BB2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 19:37:04.0914 0x102c IntcAzAudAddService - ok 19:37:04.0954 0x102c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 19:37:04.0954 0x102c intelide - ok 19:37:04.0994 0x102c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 19:37:04.0994 0x102c intelppm - ok 19:37:05.0024 0x102c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 19:37:05.0024 0x102c IPBusEnum - ok 19:37:05.0044 0x102c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:37:05.0054 0x102c IpFilterDriver - ok 19:37:05.0094 0x102c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 19:37:05.0114 0x102c iphlpsvc - ok 19:37:05.0154 0x102c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 19:37:05.0164 0x102c IPMIDRV - ok 19:37:05.0184 0x102c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 19:37:05.0194 0x102c IPNAT - ok 19:37:05.0224 0x102c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 19:37:05.0234 0x102c IRENUM - ok 19:37:05.0254 0x102c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 19:37:05.0254 0x102c isapnp - ok 19:37:05.0284 0x102c [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 19:37:05.0284 0x102c iScsiPrt - ok 19:37:05.0314 0x102c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 19:37:05.0314 0x102c kbdclass - ok 19:37:05.0344 0x102c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 19:37:05.0344 0x102c kbdhid - ok 19:37:05.0364 0x102c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 19:37:05.0364 0x102c KeyIso - ok 19:37:05.0404 0x102c [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:37:05.0404 0x102c KSecDD - ok 19:37:05.0444 0x102c [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 19:37:05.0444 0x102c KSecPkg - ok 19:37:05.0484 0x102c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 19:37:05.0494 0x102c ksthunk - ok 19:37:05.0554 0x102c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 19:37:05.0564 0x102c KtmRm - ok 19:37:05.0594 0x102c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 19:37:05.0604 0x102c LanmanServer - ok 19:37:05.0624 0x102c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:37:05.0634 0x102c LanmanWorkstation - ok 19:37:05.0674 0x102c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:37:05.0684 0x102c lltdio - ok 19:37:05.0714 0x102c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:37:05.0734 0x102c lltdsvc - ok 19:37:05.0774 0x102c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 19:37:05.0774 0x102c lmhosts - ok 19:37:05.0804 0x102c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 19:37:05.0804 0x102c LSI_FC - ok 19:37:05.0834 0x102c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 19:37:05.0844 0x102c LSI_SAS - ok 19:37:05.0854 0x102c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 19:37:05.0854 0x102c LSI_SAS2 - ok 19:37:05.0874 0x102c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 19:37:05.0884 0x102c LSI_SCSI - ok 19:37:05.0904 0x102c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 19:37:05.0914 0x102c luafv - ok 19:37:05.0964 0x102c [ FD5465B876D55534117963FAAA4B9DFC, 63A822A1EEEC42C30CCC9477431E310E3D360489A68BBCD805124681F21C0B6B ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 19:37:05.0964 0x102c MBAMProtector - ok 19:37:06.0094 0x102c [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe 19:37:06.0134 0x102c MBAMScheduler - ok 19:37:06.0214 0x102c [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe 19:37:06.0244 0x102c MBAMService - ok 19:37:06.0294 0x102c [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 19:37:06.0294 0x102c MBAMSwissArmy - ok 19:37:06.0324 0x102c [ C49915271600CFC2305FAA4271D0002F, 8412989C50579C79F27E4F9B178B2FF944C8F221AD70D213279D888F5449F868 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 19:37:06.0334 0x102c MBAMWebAccessControl - ok 19:37:06.0364 0x102c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 19:37:06.0374 0x102c Mcx2Svc - ok 19:37:06.0404 0x102c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 19:37:06.0404 0x102c megasas - ok 19:37:06.0434 0x102c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 19:37:06.0434 0x102c MegaSR - ok 19:37:06.0464 0x102c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 19:37:06.0474 0x102c MMCSS - ok 19:37:06.0504 0x102c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014 Ran by walmart at 2014-04-07 19:28:55 Running from C:\Users\walmart\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH) Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - ) Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - ) Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}) (Version: 11.5.8.612 - Adobe Systems, Inc) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blio (HKLM-x32\...\{AEDA8713-5521-4600-9AC2-81674A9EDC4F}) (Version: 2.2.7689 - K-NFB Reading Technology, Inc.) Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Business-in-a-Box (HKLM-x32\...\Business-in-a-Box) (Version: 6.0.2 - Biztree Inc.) Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.2.1.3726 - CyberLink Corp.) CyberLink YouCam (x32 Version: 3.2.1.3726 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden HP CloudDrive (HKLM-x32\...\ZumoDrive) (Version: - Zecter Inc.) HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP Documentation (HKLM-x32\...\{212A6F92-4871-4BD9-8E4F-F876595DE899}) (Version: 1.1.0.0 - Hewlett-Packard) HP Game Console (x32 Version: - WildTangent) Hidden HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent) HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard) HP MovieStore (x32 Version: 1.0.045 - Hewlett-Packard) Hidden HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company) HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company) HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{3B37422F-1A58-4138-AB02-0DD9035C02C6}) (Version: 8.6.4516.3597 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13155.3599 - Hewlett-Packard Company) HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP Wireless Assistant (HKLM\...\{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}) (Version: 4.0.10.0 - Hewlett-Packard Company) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden OverDrive Media Console (HKLM-x32\...\{D07205E7-F6D3-4333-AFCC-782A07685B72}) (Version: 3.2.20 - OverDrive, Inc.) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.) Recovery Manager (x32 Version: 1.0.22 - Hewlett-Packard) Hidden RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow) Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation) Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Restore Points ========================= 02-04-2014 07:59:13 avast! antivirus system restore point 02-04-2014 08:00:12 Windows Update 05-04-2014 01:35:52 Removed Java 6 Update 39 05-04-2014 01:40:01 Removed Java 6 Update 22 (64-bit) 05-04-2014 01:43:00 Installed Java 7 Update 51 06-04-2014 07:40:42 Installed Realtek Ethernet Controller Driver 06-04-2014 07:49:45 Installed Realtek PCIE Card Reader 06-04-2014 12:18:45 Adblock Plus for IE 06-04-2014 12:55:17 Removed SlimDrivers ==================== Hosts content: ========================== 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {09F45ECB-415B-4D39-BCB2-0A7ECF0D47C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {146CE913-73E7-46C5-989A-98692C609DE9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-31] (Adobe Systems Incorporated) Task: {2A1E5ECB-9D15-4FBB-BEAF-3B242CDD3CBD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.) Task: {3406380E-B823-4286-B14E-9404A48E6574} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company) Task: {3E997865-1687-41C9-BBFC-E3E9AA6FF1FE} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-12-08] () Task: {3FCE58DA-9B6D-4BAE-8798-351F28C8034B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {448DAF13-A07A-4DE6-8C62-4414F3C7D006} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {913686CD-D599-43F9-B90E-F89ACF4DDF95} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {97B3CEB7-4986-40FF-ABA3-2FC9FEF75FCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.) Task: {A989ABB6-D74E-40DC-BBD8-1D3637A06612} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe Task: {B1EFBB00-9A6A-4906-BC6D-FDFA050E9750} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1412740911-2687528589-1650569461-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {C77247DF-F33C-4E49-9917-F08D5D718507} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1412740911-2687528589-1650569461-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {CA752EF7-0F25-4C9D-A608-4A1156F0AB56} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-02-09] (CyberLink) Task: {DAC954F1-A9E3-4311-B889-EE907A5BB72C} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe Task: {DE57885C-53ED-4F9A-B0FC-9F269709DCA4} - System32\Tasks\GoogleUpdateTaskMachineCore1ce56353e9f9dbe => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.) Task: {E096F40B-6AB6-44B1-B0A1-0CD0C26AFC9C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd) Task: {E14528C7-E4AB-4DA3-BF44-835FF7F1155B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard) Task: {E21D688A-A2F4-4951-B57D-FD78D5E75EF2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-03-25] (Microsoft) Task: {E4EBBA08-0CF8-4B70-AC76-571A5C9621A2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-02] (AVAST Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce56353e9f9dbe.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-31 21:24 - 2014-03-27 15:47 - 02744624 _____ () C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe 2010-07-21 16:33 - 2010-07-21 16:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll 2010-07-21 16:33 - 2010-07-21 16:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll 2010-07-21 16:33 - 2010-07-21 16:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll 2014-04-07 03:51 - 2014-04-07 03:51 - 02189824 _____ () C:\Program Files\AVAST Software\Avast\defs\14040700\algo.dll 2014-04-02 03:00 - 2014-04-02 03:00 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-03-31 17:49 - 2014-03-15 03:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-04-01 09:41 - 2014-04-01 09:41 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\367540c92c2004ff2c6695778fed5dd6\IsdiInterop.ni.dll 2012-01-09 18:09 - 2011-05-20 10:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:15734396 AlternateDataStreams: C:\ProgramData\Temp:C22674B6 AlternateDataStreams: C:\ProgramData\Temp:F2B81C2E AlternateDataStreams: C:\ProgramData\Temp:FAFEC4B9 ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/07/2014 07:24:22 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 11:51:26 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 05:31:41 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 07:33:03 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 03:06:44 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 02:59:02 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 02:40:19 AM) (Source: Application Error) (User: ) Description: Faulting application name: plugin-container.exe, version: 28.0.0.5186, time stamp: 0x53240e5d Faulting module name: mozalloc.dll, version: 28.0.0.5186, time stamp: 0x5323e5ef Exception code: 0x80000003 Fault offset: 0x0000119c Faulting process id: 0xb5c Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Error: (04/05/2014 08:51:43 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/04/2014 09:15:23 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/03/2014 08:13:07 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (04/07/2014 07:22:54 PM) (Source: EventLog) (User: ) Description: The previous system shutdown at 7:16:06 PM on 4/7/2014 was unexpected. Error: (04/07/2014 05:35:06 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. Error: (04/06/2014 11:50:08 PM) (Source: BugCheck) (User: ) Description: 0x0000001e (0xffffffffc0000005, 0xfffff80002fc301a, 0x0000000000000001, 0x0000000000000018)C:\Windows\MEMORY.DMP040614-19952-01 Error: (04/06/2014 11:50:06 PM) (Source: EventLog) (User: ) Description: The previous system shutdown at 11:45:17 PM on 4/6/2014 was unexpected. Error: (04/06/2014 09:54:21 AM) (Source: Service Control Manager) (User: ) Description: The Application Experience service failed to start due to the following error: %%776 Error: (04/06/2014 07:32:02 AM) (Source: BugCheck) (User: ) Description: 0x0000000a (0x0000000000000107, 0x0000000000000002, 0x0000000000000001, 0xfffff80002d08d35)C:\Windows\MEMORY.DMP040614-29624-01 Error: (04/06/2014 07:31:59 AM) (Source: EventLog) (User: ) Description: The previous system shutdown at 7:29:32 AM on 4/6/2014 was unexpected. Error: (04/06/2014 06:46:29 AM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. Error: (04/06/2014 03:07:42 AM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service. Error: (04/06/2014 03:06:43 AM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service. Microsoft Office Sessions: ========================= Error: (04/07/2014 07:24:22 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 11:51:26 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 05:31:41 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 07:33:03 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 03:06:44 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 02:59:02 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/06/2014 02:40:19 AM) (Source: Application Error)(User: ) Description: plugin-container.exe28.0.0.518653240e5dmozalloc.dll28.0.0.51865323e5ef800000030000119cb5c01cf5160fe12ecd8C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb3139b56-bd5e-11e3-84f3-ec9a74fb9e7e Error: (04/05/2014 08:51:43 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/04/2014 09:15:23 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/03/2014 08:13:07 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-04-07 19:23:02.732 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-07 19:10:33.954 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-07 18:51:25.964 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-07 18:42:50.546 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-07 18:35:36.061 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-07 17:41:54.836 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-07 08:58:40.629 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-07 07:53:39.296 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-06 23:50:15.743 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-06 20:01:25.314 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 48% Total physical RAM: 3001.89 MB Available physical RAM: 1547.35 MB Total Pagefile: 6001.96 MB Available Pagefile: 4230.13 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:284.21 GB) (Free:232.82 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:13.58 GB) (Free:1.69 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 7B0CBEB5) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=284 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=103 MB) - (Type=0C) ==================== End Of Log ============================ -
'svchost.exe' and 'rukarukumoet.com'
byteboy replied to byteboy's topic in Resolved Malware Removal Logs
Hello, I'm sorry for the late reply. Thanks for the help. I hope I did everything correctly. FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by walmart (administrator) on WALMART-HP on 07-04-2014 19:27:52 Running from C:\Users\walmart\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated) HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company) HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7541976 1999-12-31] (Realtek Semiconductor) HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation) HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-02] (AVAST Software) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1412740911-2687528589-1650569461-1000\...\Run: [bIBLauncher] - C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe [2744624 2014-03-27] () HKU\S-1-5-21-1412740911-2687528589-1650569461-1000\...\MountPoints2: F - F:\LaunchU3.exe -a HKU\S-1-5-21-1412740911-2687528589-1650569461-1000\...\MountPoints2: {8fcbc2c5-5efa-11e1-9c3c-74de2bc78cb5} - F:\LaunchU3.exe -a HKU\S-1-5-21-1412740911-2687528589-1650569461-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\Users\walmart\AppData\Local\Temp\seftxwf\sxeetuk\wow64.dll ATTENTION! ====> ZeroAccess? ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1 SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = SearchScopes: HKCU - {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 FireFox: ======== FF ProfilePath: C:\Users\walmart\AppData\Roaming\Mozilla\Firefox\Profiles\9h4utasv.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @ei.TelevisionFanatic.com/Plugin - C:\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll (TelevisionFanatic) FF Plugin-x32: @ei.TotalRecipeSearch_14.com/Plugin - C:\Program Files (x86)\TotalRecipeSearch_14EI\Installr\1.bin\NP14EISB.dll (TotalRecipeSearch) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Extension: Adblock Plus - C:\Users\walmart\AppData\Roaming\Mozilla\Firefox\Profiles\9h4utasv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-31] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-02] Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll () CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java Platform SE 6 U39) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll No File CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll No File CHR Plugin: (TelevisionFanatic Installer Plugin Stub) - C:\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll (TelevisionFanatic) CHR Plugin: (TotalRecipeSearch Installer Plugin Stub) - C:\Program Files (x86)\TotalRecipeSearch_14EI\Installr\1.bin\NP14EISB.dll (TotalRecipeSearch) CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File CHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File CHR Plugin: (RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.390.4) - C:\Windows\SysWOW64\npdeployJava1.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File CHR Extension: (Google Docs) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-19] CHR Extension: (Google Drive) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-19] CHR Extension: (YouTube) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-19] CHR Extension: (Adblock Plus) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-17] CHR Extension: (Google Search) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-19] CHR Extension: (avast! Online Security) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-02] CHR Extension: (Google Wallet) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31] CHR Extension: (Gmail) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-19] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-02] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-02] (AVAST Software) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 1999-12-31] (Realtek Semiconductor) ==================== Drivers (Whitelisted) ==================== R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-02] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-02] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-02] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-02] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-02] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-02] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-02] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-07] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-07 19:27 - 2014-04-07 19:28 - 00017687 _____ () C:\Users\walmart\Downloads\FRST.txt 2014-04-07 19:27 - 2014-04-07 19:27 - 00000000 ____D () C:\FRST 2014-04-07 19:26 - 2014-04-07 19:26 - 02157056 _____ (Farbar) C:\Users\walmart\Downloads\FRST64.exe 2014-04-07 03:57 - 2014-04-07 19:22 - 00000280 _____ () C:\Windows\setupact.log 2014-04-07 03:57 - 2014-04-07 03:57 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-07 03:54 - 2014-04-07 03:54 - 00108138 _____ () C:\Users\walmart\Desktop\cc_20140407_035406.reg 2014-04-07 03:48 - 2014-04-07 03:48 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-07 03:48 - 2014-04-07 03:48 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-07 03:46 - 2014-04-07 03:46 - 04787368 _____ (Piriform Ltd) C:\Users\walmart\Downloads\ccsetup412.exe 2014-04-06 07:40 - 2014-04-07 19:24 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-06 07:40 - 2014-04-06 07:40 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-06 07:40 - 2014-04-06 07:40 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-06 07:40 - 2014-04-06 07:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-04-06 07:40 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-06 07:40 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-06 07:40 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-06 07:39 - 2014-04-06 07:39 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\walmart\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-06 07:19 - 2014-04-06 07:19 - 00000000 ____D () C:\ProgramData\Package Cache 2014-04-06 07:19 - 2014-04-06 07:19 - 00000000 ____D () C:\Program Files\Adblock Plus for IE 2014-04-06 03:24 - 2014-04-07 03:45 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\vlc 2014-04-06 03:23 - 2014-04-06 03:23 - 01671248 _____ (BitTorrent Inc.) C:\Users\walmart\Downloads\uTorrent(1).exe 2014-04-06 03:23 - 2014-04-06 03:23 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-04-06 03:00 - 2014-04-06 03:01 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2014-04-06 03:00 - 2014-04-06 03:00 - 00000000 ____D () C:\Program Files\Realtek 2014-04-06 03:00 - 1999-12-31 19:00 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2014-04-06 03:00 - 1999-12-31 19:00 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2014-04-06 03:00 - 1999-12-31 19:00 - 02825432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2014-04-06 03:00 - 1999-12-31 19:00 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2014-04-06 03:00 - 1999-12-31 19:00 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2014-04-06 03:00 - 1999-12-31 19:00 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2014-04-06 03:00 - 1999-12-31 19:00 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2014-04-06 03:00 - 1999-12-31 19:00 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2014-04-06 03:00 - 1999-12-31 19:00 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-04-06 03:00 - 1999-12-31 19:00 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2014-04-06 03:00 - 1999-12-31 19:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2014-04-06 03:00 - 1999-12-31 19:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2014-04-06 02:58 - 1999-12-31 19:00 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2014-04-06 02:58 - 1999-12-31 19:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2014-04-06 02:58 - 1999-12-31 19:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2014-04-06 02:50 - 1999-12-31 19:00 - 09888912 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsPStorIcon.dll 2014-04-06 02:50 - 1999-12-31 19:00 - 00339600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys 2014-04-06 02:41 - 2013-11-26 15:49 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2014-04-06 02:41 - 2013-11-26 15:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2014-04-06 02:37 - 1999-12-31 19:00 - 04722176 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe 2014-04-06 02:37 - 1999-12-31 19:00 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2014-04-06 02:37 - 1999-12-31 19:00 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2014-04-06 02:37 - 1999-12-31 19:00 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2014-04-06 02:37 - 1999-12-31 19:00 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2014-04-06 02:37 - 1999-12-31 19:00 - 00208896 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00206336 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00188416 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2014-04-06 02:37 - 1999-12-31 19:00 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2014-04-06 02:37 - 1999-12-31 19:00 - 00147456 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2014-04-06 02:37 - 1999-12-31 19:00 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources 2014-04-06 02:37 - 1999-12-31 19:00 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2014-04-06 02:37 - 1999-12-31 19:00 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll 2014-04-06 02:37 - 1999-12-31 19:00 - 00005448 _____ () C:\Windows\system32\iglhxs64.vp 2014-04-06 02:37 - 1999-12-31 19:00 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll 2014-04-06 02:36 - 2014-04-06 02:36 - 00000000 ____D () C:\Users\walmart\AppData\Local\SlimWare Utilities Inc 2014-04-06 02:36 - 2014-04-06 02:36 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-04-06 02:35 - 2014-04-06 02:35 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\walmart\Downloads\slimdrivers-setup.exe 2014-04-04 20:44 - 2014-04-04 20:44 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-04 20:44 - 2014-04-04 20:43 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-04 20:43 - 2014-04-04 20:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-04 20:43 - 2014-04-04 20:43 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-04 20:43 - 2014-04-04 20:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-04 20:43 - 2014-04-04 20:43 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-04 20:41 - 2014-04-04 20:41 - 00921000 _____ (Oracle Corporation) C:\Users\walmart\Downloads\jxpiinstall.exe 2014-04-02 03:02 - 2014-04-02 03:02 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\AVAST Software 2014-04-02 03:01 - 2014-04-06 03:00 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-04-02 03:01 - 2014-04-02 03:01 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-04-02 03:01 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-02 03:01 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-04-02 03:00 - 2014-04-02 03:00 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-04-02 03:00 - 2014-04-02 03:00 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-04-02 02:59 - 2014-04-02 02:59 - 00000000 ____D () C:\Program Files\AVAST Software 2014-04-02 02:58 - 2014-04-02 02:58 - 88551496 _____ (AVAST Software) C:\Users\walmart\Downloads\avast_free_antivirus_setup.exe 2014-04-02 02:58 - 2014-04-02 02:58 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-04-01 12:06 - 2014-03-01 01:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-01 12:06 - 2014-03-01 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-01 12:06 - 2014-03-01 00:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-01 12:06 - 2014-02-28 23:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-01 12:06 - 2014-02-28 23:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-01 12:06 - 2014-02-28 23:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-01 12:06 - 2014-02-28 23:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-01 12:06 - 2014-02-28 23:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-01 12:06 - 2014-02-28 23:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-01 12:06 - 2014-02-28 23:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-01 12:06 - 2014-02-28 23:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-01 12:06 - 2014-02-28 23:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-01 12:06 - 2014-02-28 23:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-01 12:06 - 2014-02-28 23:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-01 12:06 - 2014-02-28 23:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-01 12:06 - 2014-02-28 23:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-01 12:06 - 2014-02-28 23:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-01 12:06 - 2014-02-28 22:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-01 12:06 - 2014-02-28 22:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-01 12:06 - 2014-02-28 22:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-01 12:06 - 2014-02-28 22:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-01 12:06 - 2014-02-28 22:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-01 12:06 - 2014-02-28 22:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-01 12:06 - 2014-02-28 22:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-01 12:06 - 2014-02-28 22:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-04-01 12:06 - 2014-02-28 22:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-04-01 12:06 - 2014-02-28 22:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-04-01 12:06 - 2014-02-28 22:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-01 12:06 - 2014-02-28 22:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-01 12:06 - 2014-02-28 22:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-04-01 12:06 - 2014-02-28 22:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-01 12:06 - 2014-02-28 22:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-01 12:06 - 2014-02-28 22:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-01 12:06 - 2014-02-28 22:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-04-01 12:06 - 2014-02-28 21:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-01 12:06 - 2014-02-28 21:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-01 12:06 - 2014-02-28 21:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-01 12:06 - 2014-02-28 21:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-01 12:06 - 2014-02-28 21:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-01 12:06 - 2014-02-28 21:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-04-01 09:48 - 2014-04-01 09:48 - 00000000 ____D () C:\Users\walmart\AppData\Local\{1DE0C16B-21B7-4980-8CE4-C25E3E1A87F2} 2014-04-01 06:48 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-04-01 06:48 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2014-04-01 06:48 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2014-04-01 06:47 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-04-01 03:54 - 2014-04-01 03:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-04-01 03:54 - 2014-04-01 03:54 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-04-01 03:54 - 2014-04-01 03:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-04-01 03:54 - 2014-04-01 03:54 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-04-01 03:54 - 2014-04-01 03:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-04-01 03:54 - 2014-04-01 03:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-04-01 03:36 - 2014-04-01 03:36 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Roxio Log Files 2014-04-01 03:17 - 2014-04-02 02:49 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-01 03:12 - 2014-04-06 03:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-04-01 03:11 - 2014-04-01 03:11 - 24677393 _____ () C:\Users\walmart\Downloads\vlc-2.1.3-win32.exe 2014-04-01 03:04 - 2014-04-06 08:19 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\uTorrent 2014-04-01 03:03 - 2014-04-01 03:03 - 01671248 _____ (BitTorrent Inc.) C:\Users\walmart\Downloads\uTorrent.exe 2014-03-31 21:24 - 2014-03-31 21:24 - 00530736 _____ (Biztree Inc.) C:\Users\walmart\Downloads\Business-in-a-Box_Setup.exe 2014-03-31 21:24 - 2014-03-31 21:24 - 00530736 _____ (Biztree Inc.) C:\Users\walmart\Downloads\Business-in-a-Box_Setup (1).exe 2014-03-31 21:24 - 2014-03-31 21:24 - 00001133 _____ () C:\Users\Public\Desktop\Business-in-a-Box.lnk 2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\Users\walmart\Documents\Business-in-a-Box Files 2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\ProgramData\Biztree 2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\Program Files (x86)\Business-in-a-Box 2014-03-31 21:14 - 2014-03-31 21:14 - 00096256 _____ () C:\Users\walmart\Downloads\quote-template.xls 2014-03-31 19:40 - 2014-03-31 19:45 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\AccurateRip 2014-03-31 19:40 - 2014-03-31 19:40 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\EAC 2014-03-31 19:39 - 2014-03-31 19:39 - 04422611 _____ () C:\Users\walmart\Downloads\eac-1.0beta3.exe 2014-03-31 18:16 - 2014-03-31 18:16 - 00000000 ____D () C:\Users\walmart\AppData\Local\Macromedia 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Mozilla 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Users\walmart\AppData\Local\Mozilla 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\ProgramData\Mozilla 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-31 17:48 - 2014-03-31 17:48 - 00282880 _____ (Mozilla) C:\Users\walmart\Downloads\Firefox Setup Stub 28.0.exe 2014-03-31 15:58 - 2014-02-06 20:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-31 15:58 - 2014-01-28 21:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-31 15:58 - 2014-01-28 21:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-31 15:58 - 2014-01-27 21:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-31 15:58 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-03-31 15:58 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-03-31 15:58 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-03-31 15:58 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-03-31 15:58 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-03-31 15:58 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-03-31 15:57 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-03-31 15:57 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-03-31 15:57 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-03-31 15:57 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-03-31 15:57 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-03-31 15:57 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-03-31 15:57 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-03-31 15:57 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-03-31 15:57 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-03-31 15:57 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-03-31 15:57 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-03-31 15:57 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-03-31 15:57 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-03-31 15:57 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-03-31 15:57 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-03-31 15:57 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-03-31 15:57 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-03-31 15:57 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-03-31 15:57 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-03-31 15:57 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-03-31 15:57 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-03-31 15:57 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-03-31 15:57 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-03-31 15:57 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-03-31 15:55 - 2014-02-03 21:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-31 15:55 - 2014-02-03 21:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-31 15:54 - 2014-02-03 21:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-31 15:54 - 2014-02-03 21:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-14 13:46 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-03-14 13:46 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2014-03-14 13:46 - 2013-07-09 00:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-03-14 13:46 - 2013-07-08 23:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-03-14 13:46 - 2013-07-04 07:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2014-03-14 13:46 - 2013-07-04 06:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2014-03-14 13:45 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-03-14 13:45 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-03-14 13:45 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-03-14 13:45 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-03-14 13:45 - 2013-07-09 00:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-03-14 13:45 - 2013-07-09 00:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2014-03-14 13:45 - 2013-07-08 23:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2014-03-14 13:45 - 2013-07-08 23:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2014-03-14 13:44 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-03-14 13:44 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2014-03-14 13:43 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-03-14 13:43 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-03-14 13:43 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-03-14 13:43 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2014-03-14 13:43 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2014-03-14 13:43 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-03-14 13:43 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2014-03-14 13:43 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-03-14 13:43 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-03-14 13:43 - 2013-08-04 21:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2014-03-14 13:43 - 2013-06-06 00:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2014-03-14 13:43 - 2013-06-06 00:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2014-03-14 13:43 - 2013-06-06 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2014-03-14 13:43 - 2013-06-06 00:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2014-03-14 13:43 - 2013-06-05 23:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2014-03-14 13:43 - 2013-06-05 23:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2014-03-14 13:43 - 2013-06-05 23:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2014-03-14 13:43 - 2013-06-05 22:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2014-03-14 13:43 - 2013-06-05 22:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2014-03-14 13:43 - 2013-06-05 22:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2014-03-14 13:38 - 2013-11-26 20:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-03-14 13:38 - 2013-11-26 20:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-03-14 13:38 - 2013-11-26 20:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-03-14 13:38 - 2013-11-26 20:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-03-14 13:38 - 2013-11-26 20:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-03-14 13:38 - 2013-11-26 20:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-03-14 13:38 - 2013-11-26 20:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-03-14 13:38 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-03-14 13:38 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-03-14 13:38 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-03-14 13:38 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-03-14 13:38 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-03-14 13:38 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-03-14 13:38 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-03-14 13:38 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-03-14 13:38 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-03-14 13:38 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-03-14 13:38 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-03-14 13:38 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-03-14 13:38 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-03-14 13:38 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-03-14 13:38 - 2013-04-25 18:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2014-03-14 13:38 - 2013-03-31 17:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-03-14 13:36 - 2013-08-01 21:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-03-14 13:36 - 2013-08-01 21:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-03-14 13:36 - 2013-08-01 21:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-03-14 13:36 - 2013-08-01 20:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-03-14 13:36 - 2013-08-01 19:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-03-14 13:36 - 2013-08-01 19:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 19:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 19:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2014-03-14 13:36 - 2013-08-01 19:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2014-03-14 13:36 - 2013-07-25 04:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2014-03-14 13:36 - 2013-07-25 03:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2014-03-14 13:35 - 2013-07-09 00:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-03-14 13:35 - 2013-07-08 23:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-03-14 13:35 - 2013-06-25 17:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2014-03-14 13:34 - 2013-09-07 21:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-03-14 13:34 - 2013-09-07 21:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2014-03-14 13:34 - 2013-07-12 05:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2014-03-14 13:34 - 2013-07-12 05:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2014-03-14 13:34 - 2013-07-04 07:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-03-14 13:34 - 2013-07-04 07:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-03-14 13:34 - 2013-07-04 06:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-03-14 13:34 - 2013-07-04 06:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2014-03-14 13:34 - 2013-07-04 05:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2014-03-14 13:34 - 2013-07-02 23:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2014-03-14 13:34 - 2013-07-02 23:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2014-03-14 13:34 - 2013-06-14 23:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-03-14 13:27 - 2013-08-28 21:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-03-14 13:27 - 2013-08-28 21:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-03-14 13:27 - 2013-08-28 21:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-03-14 13:27 - 2013-08-28 21:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-03-14 13:27 - 2013-08-28 21:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-03-14 13:27 - 2013-08-28 20:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-03-14 13:27 - 2013-08-28 20:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-03-14 13:27 - 2013-08-28 20:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-03-14 13:27 - 2013-08-28 20:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2014-03-14 13:27 - 2013-08-28 20:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-03-14 13:27 - 2013-08-28 20:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2014-03-14 13:27 - 2013-08-28 19:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-03-14 13:27 - 2013-08-28 19:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-03-14 13:27 - 2013-08-28 19:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-03-14 13:27 - 2013-08-28 19:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-03-14 13:26 - 2013-11-26 06:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-03-14 13:26 - 2013-09-07 21:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-03-14 13:25 - 2013-07-25 21:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-03-14 13:25 - 2013-07-25 21:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2014-03-14 13:25 - 2013-07-25 20:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-03-14 13:25 - 2013-07-25 20:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2014-03-14 13:24 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-03-14 13:24 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-03-14 13:24 - 2013-04-26 00:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-03-14 13:24 - 2013-04-25 23:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2014-03-14 13:19 - 2013-05-10 00:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-03-14 13:19 - 2013-05-09 22:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2014-03-14 12:45 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2014-03-14 12:45 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-03-14 12:42 - 2013-07-20 05:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-03-14 12:42 - 2013-07-20 05:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-03-14 12:42 - 2013-05-13 00:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2014-03-14 12:42 - 2013-05-12 22:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2014-03-14 12:42 - 2013-05-12 22:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2014-03-14 12:42 - 2013-05-12 22:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2014-03-14 12:00 - 2014-03-14 12:00 - 00000000 __RHD () C:\MSOCache 2014-03-14 11:56 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-03-14 11:56 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-03-14 11:56 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2014-03-14 11:56 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2014-03-14 11:56 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-03-14 11:56 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-03-14 11:56 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2014-03-14 11:56 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2014-03-14 11:56 - 2013-08-01 07:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-03-13 20:17 - 2014-03-13 20:17 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Vast Studios 2014-03-11 22:11 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2014-03-11 22:11 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-03-11 22:11 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-03-11 22:11 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-03-11 22:11 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-03-11 22:11 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-03-11 22:11 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-03-11 11:32 - 2014-03-11 11:32 - 00000000 ____D () C:\ProgramData\BigFishGamesCache 2014-03-10 16:10 - 2014-03-10 16:10 - 00012560 ____H () C:\Users\walmart\Documents\~WRL1708.tmp 2014-03-10 14:55 - 2014-03-11 22:12 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Big Fish Games 2014-03-08 20:11 - 2014-03-08 20:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf ==================== One Month Modified Files and Folders ======= 2014-04-07 19:28 - 2014-04-07 19:27 - 00017687 _____ () C:\Users\walmart\Downloads\FRST.txt 2014-04-07 19:27 - 2014-04-07 19:27 - 00000000 ____D () C:\FRST 2014-04-07 19:26 - 2014-04-07 19:26 - 02157056 _____ (Farbar) C:\Users\walmart\Downloads\FRST64.exe 2014-04-07 19:26 - 2012-01-09 18:06 - 01745398 _____ () C:\Windows\WindowsUpdate.log 2014-04-07 19:24 - 2014-04-06 07:40 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-07 19:23 - 2013-05-21 10:09 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce56353e9f9dbe.job 2014-04-07 19:23 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-07 19:22 - 2014-04-07 03:57 - 00000280 _____ () C:\Windows\setupact.log 2014-04-07 19:16 - 2012-07-29 09:45 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-07 18:29 - 2012-05-01 19:46 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-07 18:24 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-07 18:24 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-07 03:57 - 2014-04-07 03:57 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-07 03:54 - 2014-04-07 03:54 - 00108138 _____ () C:\Users\walmart\Desktop\cc_20140407_035406.reg 2014-04-07 03:52 - 2012-05-14 11:50 - 00000000 ____D () C:\Windows\Minidump 2014-04-07 03:52 - 2012-03-18 15:12 - 00000000 ____D () C:\Users\walmart\AppData\Local\CrashDumps 2014-04-07 03:52 - 2012-02-24 13:21 - 00000000 ___DC () C:\Users\walmart\AppData\Local\MigWiz 2014-04-07 03:52 - 2007-01-01 20:25 - 00000000 ____D () C:\Windows\Panther 2014-04-07 03:48 - 2014-04-07 03:48 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-07 03:48 - 2014-04-07 03:48 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-07 03:46 - 2014-04-07 03:46 - 04787368 _____ (Piriform Ltd) C:\Users\walmart\Downloads\ccsetup412.exe 2014-04-07 03:45 - 2014-04-06 03:24 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\vlc 2014-04-06 22:21 - 2012-01-24 18:23 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{47EB58B7-2A92-44B6-AF61-DCD90F7092D8} 2014-04-06 08:19 - 2014-04-01 03:04 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\uTorrent 2014-04-06 07:40 - 2014-04-06 07:40 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-06 07:40 - 2014-04-06 07:40 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-06 07:40 - 2014-04-06 07:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-04-06 07:39 - 2014-04-06 07:39 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\walmart\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-06 07:19 - 2014-04-06 07:19 - 00000000 ____D () C:\ProgramData\Package Cache 2014-04-06 07:19 - 2014-04-06 07:19 - 00000000 ____D () C:\Program Files\Adblock Plus for IE 2014-04-06 03:23 - 2014-04-06 03:23 - 01671248 _____ (BitTorrent Inc.) C:\Users\walmart\Downloads\uTorrent(1).exe 2014-04-06 03:23 - 2014-04-06 03:23 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-04-06 03:23 - 2014-04-01 03:12 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-04-06 03:12 - 2009-07-14 00:13 - 00727334 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-06 03:01 - 2014-04-06 03:00 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2014-04-06 03:00 - 2014-04-06 03:00 - 00000000 ____D () C:\Program Files\Realtek 2014-04-06 03:00 - 2014-04-02 03:01 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-04-06 02:58 - 2012-01-09 18:16 - 00015302 _____ () C:\Windows\system32\results.xml 2014-04-06 02:58 - 2011-04-09 16:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-04-06 02:53 - 2011-02-10 14:23 - 00000000 ____D () C:\SWSetup 2014-04-06 02:50 - 2012-01-09 18:12 - 00000000 ____D () C:\Windows\SysWOW64\sda 2014-04-06 02:50 - 2012-01-09 18:07 - 00000000 ____D () C:\Program Files (x86)\Realtek 2014-04-06 02:36 - 2014-04-06 02:36 - 00000000 ____D () C:\Users\walmart\AppData\Local\SlimWare Utilities Inc 2014-04-06 02:36 - 2014-04-06 02:36 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-04-06 02:35 - 2014-04-06 02:35 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\walmart\Downloads\slimdrivers-setup.exe 2014-04-04 20:44 - 2014-04-04 20:44 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-04 20:43 - 2014-04-04 20:44 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-04 20:43 - 2014-04-04 20:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-04 20:43 - 2014-04-04 20:43 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-04 20:43 - 2014-04-04 20:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-04 20:43 - 2014-04-04 20:43 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-04 20:41 - 2014-04-04 20:41 - 00921000 _____ (Oracle Corporation) C:\Users\walmart\Downloads\jxpiinstall.exe 2014-04-03 09:51 - 2014-04-06 07:40 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-04-06 07:40 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-06 07:40 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-03 08:49 - 2012-03-22 11:23 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-04-03 08:49 - 2012-02-24 10:30 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2014-04-02 03:02 - 2014-04-02 03:02 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\AVAST Software 2014-04-02 03:01 - 2014-04-02 03:01 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-04-02 03:00 - 2014-04-02 03:00 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-04-02 03:00 - 2014-04-02 03:00 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-04-02 03:00 - 2014-04-02 03:00 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-04-02 02:59 - 2014-04-02 02:59 - 00000000 ____D () C:\Program Files\AVAST Software 2014-04-02 02:58 - 2014-04-02 02:58 - 88551496 _____ (AVAST Software) C:\Users\walmart\Downloads\avast_free_antivirus_setup.exe 2014-04-02 02:58 - 2014-04-02 02:58 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-04-02 02:49 - 2014-04-01 03:17 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-01 10:26 - 2014-03-07 14:35 - 00000000 ____D () C:\ProgramData\VirtualizedApplications 2014-04-01 10:26 - 2014-02-19 00:59 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\SoftGrid Client 2014-04-01 09:48 - 2014-04-01 09:48 - 00000000 ____D () C:\Users\walmart\AppData\Local\{1DE0C16B-21B7-4980-8CE4-C25E3E1A87F2} 2014-04-01 09:48 - 2012-06-25 18:20 - 00000000 ____D () C:\Users\walmart\AppData\Local\Windows Live 2014-04-01 08:18 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-04-01 08:17 - 2012-01-24 18:22 - 00001417 _____ () C:\Users\walmart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-01 08:17 - 2012-01-24 18:22 - 00000000 ___RD () C:\Users\walmart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-01 08:17 - 2012-01-24 18:22 - 00000000 ___RD () C:\Users\walmart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-04-01 08:15 - 2013-03-13 19:52 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-04-01 08:15 - 2013-03-13 19:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-04-01 08:15 - 2009-07-13 23:45 - 00277464 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-01 08:11 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender 2014-04-01 08:11 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-04-01 08:11 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-01 06:47 - 2014-02-19 00:59 - 00744030 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-04-01 06:47 - 2014-02-19 00:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client 2014-04-01 03:54 - 2014-04-01 03:54 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-04-01 03:54 - 2014-04-01 03:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-04-01 03:54 - 2014-04-01 03:54 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-04-01 03:54 - 2014-04-01 03:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-04-01 03:54 - 2014-04-01 03:54 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-04-01 03:54 - 2014-04-01 03:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-04-01 03:54 - 2014-04-01 03:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-04-01 03:54 - 2014-04-01 03:54 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-04-01 03:54 - 2014-04-01 03:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-04-01 03:36 - 2014-04-01 03:36 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Roxio Log Files 2014-04-01 03:11 - 2014-04-01 03:11 - 24677393 _____ () C:\Users\walmart\Downloads\vlc-2.1.3-win32.exe 2014-04-01 03:11 - 2014-02-04 20:58 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1ce56353e9f9dbe 2014-04-01 03:11 - 2012-07-29 09:45 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-04-01 03:03 - 2014-04-01 03:03 - 01671248 _____ (BitTorrent Inc.) C:\Users\walmart\Downloads\uTorrent.exe 2014-03-31 21:24 - 2014-03-31 21:24 - 00530736 _____ (Biztree Inc.) C:\Users\walmart\Downloads\Business-in-a-Box_Setup.exe 2014-03-31 21:24 - 2014-03-31 21:24 - 00530736 _____ (Biztree Inc.) C:\Users\walmart\Downloads\Business-in-a-Box_Setup (1).exe 2014-03-31 21:24 - 2014-03-31 21:24 - 00001133 _____ () C:\Users\Public\Desktop\Business-in-a-Box.lnk 2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\Users\walmart\Documents\Business-in-a-Box Files 2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\ProgramData\Biztree 2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\Program Files (x86)\Business-in-a-Box 2014-03-31 21:14 - 2014-03-31 21:14 - 00096256 _____ () C:\Users\walmart\Downloads\quote-template.xls 2014-03-31 19:45 - 2014-03-31 19:40 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\AccurateRip 2014-03-31 19:40 - 2014-03-31 19:40 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\EAC 2014-03-31 19:39 - 2014-03-31 19:39 - 04422611 _____ () C:\Users\walmart\Downloads\eac-1.0beta3.exe 2014-03-31 18:16 - 2014-03-31 18:16 - 00000000 ____D () C:\Users\walmart\AppData\Local\Macromedia 2014-03-31 18:16 - 2012-05-01 19:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-31 18:16 - 2012-05-01 19:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-31 18:16 - 2012-05-01 19:46 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Mozilla 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Users\walmart\AppData\Local\Mozilla 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\ProgramData\Mozilla 2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-31 17:49 - 2012-12-24 16:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-31 17:48 - 2014-03-31 17:48 - 00282880 _____ (Mozilla) C:\Users\walmart\Downloads\Firefox Setup Stub 28.0.exe 2014-03-31 12:10 - 2013-04-19 13:09 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-03-14 12:00 - 2014-03-14 12:00 - 00000000 __RHD () C:\MSOCache 2014-03-13 20:17 - 2014-03-13 20:17 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Vast Studios 2014-03-11 22:12 - 2014-03-10 14:55 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Big Fish Games 2014-03-11 11:32 - 2014-03-11 11:32 - 00000000 ____D () C:\ProgramData\BigFishGamesCache 2014-03-10 16:10 - 2014-03-10 16:10 - 00012560 ____H () C:\Users\walmart\Documents\~WRL1708.tmp 2014-03-08 20:11 - 2014-03-08 20:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-25 15:33 ==================== End Of Log ============================